ClawHub

Firecrawl

v1.0.0

Firecrawl integration. Manage data, records, and automate workflows. Use when the user wants to interact with Firecrawl data.

0· 76·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name/description (Firecrawl integration) match the instructions (use the Membrane CLI to connect to Firecrawl, list actions, run actions, or proxy API requests). There are no unrelated required env vars, binaries, or config paths.
Instruction Scope
SKILL.md confines runtime behavior to installing/using the Membrane CLI, logging in, creating/listing connections, listing/running actions, and proxying requests through Membrane. It does not instruct reading local files or harvesting unrelated credentials. The proxy capability means requests to Firecrawl (and any proxied endpoints) will be routed via Membrane, which is expected for this integration.
Install Mechanism
This is an instruction-only skill (no install spec). It instructs installing @membranehq/cli via npm -g or using npx. Installing global npm packages or using npx that fetches the latest package is normal for CLI usage but carries the usual supply-chain considerations (install scripts, package updates).
Credentials
No environment variables, credentials, or config paths are requested by the skill. SKILL.md explicitly advises against asking users for API keys and relies on Membrane to manage auth, which is proportionate for a connector-style integration.
Persistence & Privilege
The skill does not request always:true or other elevated persistent privileges. It is user-invocable and can be invoked autonomously by the agent (default behavior), which is expected for skills.
Assessment
This skill is coherent: it instructs use of the Membrane CLI to access Firecrawl and does not request unrelated secrets. Before installing, verify you trust the Membrane project (review the npm package @membranehq/cli, the getmembrane.com site, and the GitHub repository), and prefer using npx with a pinned version (or inspect the package) instead of npm -g if you want to avoid a global install. Understand that using the CLI and Membrane's proxy will send requests and data through Membrane's servers, so review their privacy/security policy if your data is sensitive. If you need extra caution, test in a sandbox or ephemeral environment and confirm which connectionId/actionId will be used before running actions.

Like a lobster shell, security has layers — review code before you run it.

latestvk971qs1bpmg1m4yj253ez1bct9845084

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments