ClawHub

Insites

v1.0.2

Insites integration. Manage Organizations, Pipelines, Users, Filters, Activities, Notes and more. Use when the user wants to interact with Insites data.

0· 91·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Insites integration) align with the instructions: all runtime actions are Membrane CLI commands or proxy requests to the Insites API. Nothing in the SKILL.md requests unrelated services or credentials.
Instruction Scope
Instructions are narrowly scoped to installing and using the Membrane CLI, creating a connection, listing/running actions, and proxying requests to Insites. The doc explicitly says not to ask users for API keys and relies on browser-based auth; it does not instruct reading unrelated files or environment variables.
Install Mechanism
This is an instruction-only skill that directs users to install the @membranehq/cli globally via npm (npm install -g). That's a standard delivery method but it requires npm/node and will install a global binary — the SKILL metadata did not declare npm as a required binary, so users should be aware of that implicit dependency.
Credentials
The skill declares no required env vars, config paths, or credentials. All authentication is delegated to Membrane's hosted flow (browser-based login / connection), which is proportional to the stated purpose.
Persistence & Privilege
The skill does not request always: true and does not attempt to modify other skills or system settings. Autonomous invocation is allowed by platform default but not requested beyond the norm.
Assessment
This skill is coherent but requires trusting the Membrane service and installing their CLI. Before installing: (1) verify @membranehq/cli is the official package (check the project homepage/repo and npm publisher), (2) be aware that Membrane will act as a proxy and hold/refresh Insites credentials on your behalf — review their privacy/security docs if you need to limit data exposure, (3) installing globally with npm requires appropriate permissions; consider running via npx or in a controlled environment if you prefer not to add a global binary, and (4) if you allow the agent autonomous invocation, understand it can run membrane commands to list/run actions and proxy API calls on your connections.

Like a lobster shell, security has layers — review code before you run it.

latestvk972w3wgytf9qmymjf7j3q72h5843shv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments