ClawHub

Hologram

v1.0.2

Hologram integration. Manage data, records, and automate workflows. Use when the user wants to interact with Hologram data.

0· 77·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description say 'Hologram integration' and every instruction references using the Membrane CLI to connect to Hologram, discover actions, run actions, and proxy requests — these requirements match the stated purpose.
Instruction Scope
SKILL.md only instructs installing and using the Membrane CLI, performing browser-based auth, listing/connecting actions, running actions, and proxying API requests through Membrane. It does not instruct reading unrelated files, accessing unrelated env vars, or exfiltrating arbitrary local data.
Install Mechanism
This is an instruction-only skill (no registry install spec), but it tells the user to run `npm install -g @membranehq/cli`. Global npm installs are common but require caution (they write to the system), and the skill relies on a third-party npm package rather than shipping code inline.
Credentials
No environment variables, secrets, or config paths are requested. The documentation explicitly advises letting Membrane handle credentials rather than requesting API keys, which is proportionate to the skill's purpose.
Persistence & Privilege
The skill does not request always-on presence, special agent privileges, or modifications to other skills. It relies on the user installing/using an external CLI and network access, which is appropriate for this integration.
Assessment
This skill is internally consistent with a Hologram integration that uses the Membrane CLI. Before installing: (1) verify the @membranehq/cli npm package and its maintainers (npm page, GitHub) to ensure you trust the code you install globally; (2) be aware that `npm install -g` modifies your system PATH and requires appropriate privileges — consider a sandboxed environment or nvm-managed node if you prefer isolation; (3) the CLI will open a browser for auth and can proxy arbitrary API requests to Hologram via Membrane, so only connect accounts you intend to use and avoid pasting unrelated secrets into CLI commands; (4) if you need a higher assurance review, request the Membrane CLI source or a manifest of what it does during auth and request handling.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d8t6e20n9pw417v1xw54svs843cxm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments