Cliniko
v1.0.2Cliniko integration. Manage data, records, and automate workflows. Use when the user wants to interact with Cliniko data.
⭐ 0· 104·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The SKILL.md explicitly uses the Membrane CLI to authenticate, connect, and proxy requests to the Cliniko API — which is coherent with the stated Cliniko integration purpose. However, the registry metadata lists no required binaries or environment variables even though the instructions expect 'npm' and a globally installed '@membranehq/cli' and a Membrane account; this mismatch is likely an oversight but worth calling out.
Instruction Scope
Runtime instructions stay focused on Cliniko operations: installing Membrane CLI, logging in, creating connections, listing/running actions, and proxying requests to Cliniko via Membrane. The doc does not instruct reading unrelated local files or environment variables. It does allow sending arbitrary paths to Cliniko via Membrane's proxy, which is within the integration scope but can be used to perform any Cliniko API call the authenticated connection permits.
Install Mechanism
This is an instruction-only skill with no install spec, but the SKILL.md tells users to run 'npm install -g @membranehq/cli' to install a global CLI. That requires npm and writes a global binary. The skill does not declare this binary requirement in metadata. Global npm installs are moderately risky if you don't trust the package or want to avoid system-wide changes; verify the package source/maintainer before running.
Credentials
The skill requests no environment variables or direct credentials in the metadata. Authentication and credential handling are delegated to Membrane (browser-based OAuth/connection flow). There are no extraneous credential asks in the docs. Because Cliniko holds healthcare data (PHI), be aware that any account you connect will grant access to sensitive records via the Membrane connection.
Persistence & Privilege
The skill is not always-enabled and does not request special system persistence. The default platform setting allowing autonomous invocation is enabled (disable-model-invocation=false). That combination is expected for a useful integration, but be mindful that an agent with autonomous access plus a connected Membrane account could issue Cliniko API calls without further user prompts — increasing the blast radius if the agent is misused.
Assessment
Before installing: 1) Recognize this skill requires the Membrane CLI (the SKILL.md tells you to run 'npm install -g @membranehq/cli') even though metadata doesn't list required binaries — ensure you have/accept npm global installs or run the CLI in an isolated environment. 2) Verify the @membranehq/cli package and the Membrane vendor (homepage/repo) are legitimate and review their permissions and source code if possible. 3) Understand authentication is done via Membrane (browser OAuth/connection) and the connected account will allow API-level access to Cliniko data — don't connect an account with broader access than needed. 4) Because Cliniko contains sensitive health data, prefer least-privilege connections and audit what actions the Membrane connector is allowed to perform. 5) If you want stricter control, avoid enabling autonomous invocation or run the CLI in a sandbox/container and review logs for unexpected requests. If you want me to, I can list specific checks to verify the NPM package or walk through what to look for during the Membrane connection consent screens.Like a lobster shell, security has layers — review code before you run it.
latestvk97a5mwx6r35gd8vz9vtnqbejn842tmy
License
MIT-0
Free to use, modify, and redistribute. No attribution required.