ClawHub

Idx Broker

v1.0.2

IDX Broker integration. Manage Leads, Users, Roles. Use when the user wants to interact with IDX Broker data.

0· 127·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description (IDX Broker integration to manage leads, users, roles) match the instructions: the SKILL.md documents IDX Broker endpoints and shows how to connect via the Membrane CLI. There are no unrelated credential or service requests.
Instruction Scope
Runtime instructions only direct the agent/operator to install and use the Membrane CLI, authenticate (browser flow or headless), list/connect to a connector, and invoke actions. The SKILL.md does not instruct reading arbitrary system files, unrelated env vars, or exfiltrating data to unexpected endpoints.
Install Mechanism
The skill is instruction-only and asks the user to install @membranehq/cli via npm (global). This is a normal, expected mechanism for a CLI-based integration, but installing global npm packages carries the usual supply-chain/trust considerations (verify package source and publisher).
Credentials
No environment variables or credentials are declared in the registry metadata; authentication is handled via the Membrane CLI/browser flow described in SKILL.md, which fits the described purpose. There are no unexpected credential requests.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system-level privileges. Autonomous invocation is allowed (platform default) but not accompanied by broad credential or install demands that would increase risk.
Assessment
This skill appears internally consistent for managing IDX Broker via the Membrane CLI. Before installing: confirm you trust the @membranehq/cli package and the getmembrane.com project (review the npm package and GitHub repository), be aware npm -g installs run code on your machine, and complete the browser-based login only if you recognize and trust the authentication flow. If you need tighter control, consider running the CLI in a sandbox or reviewing the connector configuration and any access scopes granted when you authenticate.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f7r4mf74tnr1aqfvjzz7239843bys

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments