ClawHub

Insightsoftware

v1.0.2

Insightsoftware integration. Manage data, records, and automate workflows. Use when the user wants to interact with Insightsoftware data.

0· 64·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name and description (Insightsoftware integration) match the actions and CLI commands in SKILL.md: it instructs the agent to use the Membrane CLI to discover connectors, create connections, run actions, and proxy API requests. Nothing requested appears unrelated to interacting with Insightsoftware via Membrane.
Instruction Scope
The SKILL.md only instructs use of the Membrane CLI (login, connect, action list/run, request). It does not ask the agent to read arbitrary local files, environment variables, or post data to unexpected endpoints. Authentication is performed via browser-based OAuth flows handled by Membrane, not by requesting local secrets.
Install Mechanism
There is no formal install spec in the registry; the doc recommends installing the @membranehq/cli via npm (global). npm packages are a common delivery method but carry moderate supply-chain risk — verify the package name, publisher, and repository (the SKILL.md points to a membrane GitHub repo) before installing globally; using npx avoids a global install.
Credentials
The skill declares no required env vars, credentials, or config paths. All credential handling is delegated to Membrane's hosted service and browser-based login, which is proportionate to the described integration.
Persistence & Privilege
The skill is not always-enabled and has no install-time persistence or instructions to modify other skills or system-wide settings. Autonomous invocation remains enabled (platform default), which is normal and not excessive here.
Assessment
This skill is instruction-only and delegates auth to the Membrane CLI; it's coherent with its stated purpose. Before installing/using: verify the npm package @membranehq/cli and its publisher (or prefer npx to avoid a global install), confirm the Membrane GitHub repo matches the publisher, avoid running npm installs as root, and ensure you trust the Membrane service for hosting your connector credentials. If you require stricter controls, disable autonomous skill invocation or only run the commands in a controlled environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk970qjeh89q1anww5wd07z25kh843zs7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments