ClawHub

Chaindesk

v1.0.2

Chaindesk integration. Manage data, records, and automate workflows. Use when the user wants to interact with Chaindesk data.

0· 117·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Chaindesk integration) match the instructions: all actions are performed via the Membrane CLI and relate to Chaindesk data and connectors. There are no unrelated credential or binary requirements.
Instruction Scope
SKILL.md instructs installing the Membrane CLI, logging in via browser, listing/connecting actions and proxying requests to Chaindesk — all within the expected scope. It does not instruct reading arbitrary files, harvesting unrelated environment variables, or exfiltrating data to unexpected endpoints.
Install Mechanism
No install spec in registry; the doc recommends installing @membranehq/cli globally via npm (npm install -g). This is an expected way to obtain the required CLI but carries the usual risk of installing third-party npm packages globally — verify the package source and review its permissions before installing.
Credentials
The skill declares no required environment variables or secrets. Authentication is delegated to the Membrane CLI (browser-based login), which is proportional to a connector-style integration.
Persistence & Privilege
The skill is instruction-only, does not request always:true, and does not modify other skills or system-wide agent settings. It relies on the Membrane CLI to persist credentials locally (normal behavior).
Assessment
This skill appears coherent and uses the Membrane CLI as an auth/proxy layer for Chaindesk; before installing: 1) confirm you trust the @membranehq/cli npm package and its homepage/repository, 2) be aware the CLI will store authentication tokens locally (browser-based login/refresh), 3) avoid entering unrelated secrets — the skill explicitly says not to ask for API keys, and 4) in environments where installing global npm packages is restricted, consider reviewing the CLI code or running it in an isolated environment. If you need stronger assurance, inspect the @membranehq/cli repository and its release artifacts before installation.

Like a lobster shell, security has layers — review code before you run it.

latestvk9748gez5yjgsq6szz69zwv6ps843txz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments