ClawHub

Hygraph

v1.0.2

Hygraph integration. Manage Projects. Use when the user wants to interact with Hygraph data.

0· 115·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description say 'Hygraph integration' and the SKILL.md exclusively instructs use of the Membrane CLI to connect to Hygraph, discover actions, run them, or proxy raw API requests — all directly related to the stated purpose.
Instruction Scope
Instructions are limited to installing and using the Membrane CLI, performing browser-based login, creating connections, listing/running actions, and proxying requests. Notable: proxying requests via Membrane means request/response payloads and Hygraph credentials are routed through Membrane's service (expected for this integration).
Install Mechanism
No install spec in the skill bundle itself; the documentation tells users to install @membranehq/cli with npm -g. This is a reasonable, common approach but has the usual caveats of installing a global npm package — trust and verify the package/source before installing.
Credentials
The skill declares no required environment variables or local credentials. It explicitly advises not to ask users for API keys because Membrane manages auth server-side, which is proportionate to the described design.
Persistence & Privilege
always:false (not force-included). disable-model-invocation:false (autonomous invocation allowed) — this is the platform default and acceptable here. The skill does not request system-wide config changes or access to other skills' credentials.
Assessment
This skill is coherent: it delegates Hygraph access to the Membrane service and expects you to install @membranehq/cli and authenticate via browser. Before installing, verify the npm package and GitHub repo (publisher, versions, and reviews). Be aware that request payloads and Hygraph credentials are proxied through Membrane’s servers — if you need data to stay only on-prem or under your direct control, do not use this integration. Otherwise, follow standard npm safety checks (inspect package source on GitHub, check npmjs listing) and confirm you trust getmembrane.com/@membranehq.

Like a lobster shell, security has layers — review code before you run it.

latestvk972z4r9c0fpxxchctpc84gg6x843sk2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments