Citrix
v1.0.0Citrix integration. Manage data, records, and automate workflows. Use when the user wants to interact with Citrix data.
⭐ 0· 108·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (Citrix integration) aligns with the instructions: all actions are performed via the Membrane CLI which proxies to Citrix. There are no unrelated environment variables, binaries, or config paths requested.
Instruction Scope
Instructions are narrowly focused on installing and using the Membrane CLI (login, connect, action list/run, request proxy). All network calls are routed through Membrane; the SKILL.md explicitly says Membrane handles auth. This is appropriate for the stated purpose but means Citrix traffic and credentials are handled by a third-party service (Membrane).
Install Mechanism
The skill is instruction-only (no install spec), but recommends installing @membranehq/cli via npm -g or using npx. Installing a global npm package is common but has moderate risk (you should verify package identity and trust the publisher). There are no downloads from arbitrary URLs or archive extracts in the skill itself.
Credentials
The skill requests no environment variables or local credentials; it relies on Membrane to manage credentials server-side. This is proportionate to the stated purpose, though it requires trust in Membrane's credential handling and privacy practices.
Persistence & Privilege
The skill is not always-enabled and is user-invocable; it does not request elevated agent privileges or modify other skills. Autonomous invocation is allowed by default but is not a new or unusual privilege here.
Assessment
This skill appears coherent but depends on a third-party service (Membrane) to proxy Citrix API calls and to store/refresh credentials. Before installing: 1) Verify you trust Membrane (review https://getmembrane.com, the npm package publisher @membranehq, and their privacy/security docs); 2) Prefer using npx for one-off runs to avoid a global npm install, or verify the npm package checksum/publisher; 3) Expect Citrix traffic and tokens to transit/ be stored by Membrane—confirm this is acceptable for your data/organization; 4) For enterprise/regulated environments, prefer official Citrix integrations or validate Membrane’s compliance. No local secrets are requested by the skill itself.Like a lobster shell, security has layers — review code before you run it.
latestvk977bga05afe683f4w0c6sqzg584g062
License
MIT-0
Free to use, modify, and redistribute. No attribution required.