ClawHub

Finerio Connect

v1.0.2

Finerio Connect integration. Manage data, records, and automate workflows. Use when the user wants to interact with Finerio Connect data.

0· 90·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description match the instructions: the SKILL.md consistently instructs using the Membrane CLI to access Finerio Connect. Required capabilities (network, Membrane account, installing the CLI) are appropriate for the stated purpose.
Instruction Scope
Runtime instructions are limited to installing/using the Membrane CLI, logging in via browser, creating/listing connections, running actions, and proxying requests through Membrane. The instructions do not ask the agent to read unrelated local files, environment variables, or exfiltrate data outside the Membrane/Finerio flow.
Install Mechanism
The skill is instruction-only (no install spec), but it directs users to install @membranehq/cli via npm (global). Installing global npm packages is expected for a CLI integration but carries the usual npm-supply-chain considerations—verify package provenance and maintainers before installing globally.
Credentials
No environment variables, secrets, or config paths are requested. The documentation explicitly instructs not to request API keys and relies on Membrane's server-side credential handling, which is proportionate to the skill's purpose.
Persistence & Privilege
The skill does not request persistent/system-level privileges (always: false). It is instruction-only and does not modify other skills or system-wide agent settings. Autonomous invocation is allowed by default but is not combined with broad credentials or persistence here.
Assessment
This skill appears internally consistent: it tells you to install and use the Membrane CLI to connect to Finerio Connect and does not ask for unrelated credentials. Before installing, verify the npm package and GitHub repository (confirm the publisher is legitimate), and consider installing the CLI in an isolated environment (container or VM) if you are cautious about global npm installs. Be aware that once you authenticate via Membrane, the CLI can make API requests on your behalf to access financial data through the Membrane proxy—only proceed if you trust Membrane/getmembrane.com and the flow described. If you want stricter control, avoid granting the agent autonomous actions that could call the CLI without your explicit approval.

Like a lobster shell, security has layers — review code before you run it.

latestvk97evtnyzfx8yyahxm3v3f2cnd843d4r

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments