ClawHub

Jack Henry

v1.0.2

Jack Henry integration. Manage data, records, and automate workflows. Use when the user wants to interact with Jack Henry data.

0· 110·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the instructions: all runtime steps call the Membrane CLI and/or the Jack Henry API via Membrane. Nothing requested (no env vars, no config paths) is inconsistent with a third-party connector integration.
Instruction Scope
SKILL.md stays within scope: it tells the user/agent to install/login to Membrane, create or list connections, run predefined actions, or use Membrane's proxy. It does not instruct reading unrelated files, harvesting environment variables, or exfiltrating data to unknown endpoints.
Install Mechanism
There is no automated install spec in the skill bundle; instructions ask the user to run `npm install -g @membranehq/cli` (and sometimes `npx`) which is a public npm package install. This is expected but carries the usual provenance risk of global npm installs—verify the package and publisher before installing.
Credentials
The skill declares no required environment variables, credentials, or config paths. The SKILL.md explicitly directs authentication through Membrane (server-side) rather than asking for API keys locally, which is proportionate to the stated purpose.
Persistence & Privilege
The skill does not request always:true or other elevated persistence. It is user-invocable and allows normal autonomous invocation, which is expected for a connector skill.
Assessment
This skill is coherent: it expects you to use the Membrane CLI to connect to Jack Henry rather than storing credentials locally. Before installing or running commands: (1) verify you intend to use Membrane and the official @membranehq package/publisher on npm, (2) prefer using npx or a scoped installation if you want to avoid a global npm install, (3) be prepared to authenticate via browser-based login (Membrane handles server-side creds), and (4) review the connector you create in Membrane to confirm it only has the permissions you expect. If you rely on enterprise policies, confirm the Membrane service and the connector configuration meet your compliance requirements.

Like a lobster shell, security has layers — review code before you run it.

latestvk979556v7fwm6fqr6heac2a5r9842vf8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments