ClawHub

Iterate

v1.0.2

Iterate integration. Manage Organizations. Use when the user wants to interact with Iterate data.

0· 127·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Iterate integration) matches the instructions: install and use the @membranehq/cli to connect to Iterate, list actions, run actions, and proxy API requests. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md only instructs the agent to install and run the Membrane CLI, perform OAuth-style browser login flows, create/inspect connections, run actions, and proxy requests to Iterate through Membrane. It does not instruct reading local files, searching system state, or exfiltrating data to unexpected endpoints.
Install Mechanism
Install is via npm (npm install -g @membranehq/cli). This is a reasonable, expected mechanism for a CLI, but npm packages run code on install and a global install can modify the system. Verify the package name, publisher, and repository before installing; consider using npx or a local install if you prefer not to install globally.
Credentials
No environment variables or secrets are required by the skill. Authentication is handled via Membrane's browser-based login and server-side credential management, which is coherent with the stated purpose. The SKILL.md explicitly advises against asking the user for API keys.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide configuration changes or access to other skills' credentials. Autonomous invocation is allowed by default (normal) and appropriate for this integration.
Assessment
This skill is instruction-only and appears coherent: it uses Membrane CLI to access Iterate and does not request extra creds. Before installing, verify the @membranehq/cli package and publisher (check the package registry and the referenced GitHub repo), and consider using npx or a local install instead of a global npm install if you want to avoid modifying system-wide state. Be mindful when using the proxy feature: it will send arbitrary requests through Membrane, so avoid sending sensitive local data unless you trust the Membrane account and service.

Like a lobster shell, security has layers — review code before you run it.

latestvk97abj3f62s950ykkfenvd4d5s842rz7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments