ClawHub

Github Actions

v1.0.0

GitHub Actions integration. Manage data, records, and automate workflows. Use when the user wants to interact with GitHub Actions data.

0· 58·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (GitHub Actions integration) matches the SKILL.md: all commands and flows are about using the Membrane CLI to connect to and proxy requests to GitHub Actions. No unrelated services, credentials, or tools are requested.
Instruction Scope
SKILL.md only instructs installation and use of the Membrane CLI (login, create connection, list/run actions, proxy requests). It does not direct reading unrelated files, environment variables, or sending data to unexpected endpoints beyond Membrane/GitHub via the CLI.
Install Mechanism
No install spec in the registry; the docs instruct running `npm install -g @membranehq/cli` (public npm). This is a common pattern for CLI-based integrations but does involve installing third-party code globally — verify the npm package and publisher before installing.
Credentials
The skill declares no required env vars, no config paths, and relies on Membrane to manage credentials. That matches the guidance in SKILL.md to create connections rather than provide API keys locally.
Persistence & Privilege
The skill is instruction-only, not always-enabled, and does not request persistent system privileges. Autonomous invocation is allowed by default on the platform but the skill does not request elevated or system-wide changes.
Assessment
This skill is coherent but depends on trusting the Membrane service and its npm CLI. Before installing or running it: 1) verify the @membranehq/cli package and maintainer on npm/GitHub; 2) review the OAuth scopes requested when you connect your GitHub account (Membrane will proxy requests and can access your Actions data); 3) avoid pasting raw GitHub tokens into the agent — use the connector flow as instructed; and 4) if you have strict security requirements, consider reviewing Membrane's privacy/terms or running CLI commands in a controlled environment first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dvt17mrhky510nactvp4xvn849sqf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments