ClawHub

Elastic

v1.0.2

Elastic integration. Manage data, records, and automate workflows. Use when the user wants to interact with Elastic data.

0· 94·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the instructions: the skill guides the agent/user to use the Membrane CLI to connect to and operate on Elastic resources. There are no unrelated environment variables, binaries, or config paths requested that would be out of scope for an Elastic integration.
Instruction Scope
SKILL.md instructs installing the Membrane CLI, logging in (interactive and headless flows), discovering connections/actions, and running actions against Elastic. It does not instruct reading arbitrary host files, environment variables, or exfiltrating data to unrelated endpoints. The instructions are scoped to interacting with Elastic via Membrane.
Install Mechanism
The skill is instruction-only (no install spec), but directs users to install @membranehq/cli via npm (npm install -g). Installing a global npm package is a reasonable mechanism for a CLI-based integration but carries the usual moderate risk of trusting a third-party npm package; the skill itself does not download arbitrary archives or execute unknown URLs.
Credentials
No environment variables, primary credential, or config paths are requested by the skill. Authentication is delegated to the Membrane CLI's login flow, which is proportionate to the stated purpose (it needs account-level access to access Elastic resources).
Persistence & Privilege
always is false and the skill does not request persistent system-wide privileges. The Membrane CLI will store credentials locally as part of its normal operation, which is expected for a CLI-based integration.
Assessment
This skill appears coherent, but note it relies on the third-party @membranehq/cli. Before installing or using it: 1) Confirm you trust Membrane (review the npm package, repository, and privacy/security docs). 2) Use least-privilege Elastic credentials or a limited service account for integrations. 3) Prefer installing the CLI in a controlled environment (container, virtualenv, or non-root user) rather than globally as root. 4) Inspect where the Membrane CLI stores tokens/config on disk and consider rotating credentials after initial use if concerned. If you need higher assurance, review the Membrane CLI source code and the repository linked in SKILL.md before granting access to your Elastic data.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ajzj862w7021r7qqrtc4ytn843q4k

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments