ClawHub

Journyio

v1.0.2

Journy.io integration. Manage data, records, and automate workflows. Use when the user wants to interact with Journy.io data.

0· 82·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims to integrate with Journy.io and all runtime instructions use the Membrane CLI to discover connectors, create connections, run actions, and proxy API requests. There are no unrelated environment variables, binaries, or config paths requested.
Instruction Scope
SKILL.md stays on‑topic: it instructs install/login to Membrane and how to list/connect/run actions or proxy requests. It does not instruct reading arbitrary local files or pulling unrelated credentials. It does assume network access and browser‑based login for authentication.
Install Mechanism
Install is via npm global: `npm install -g @membranehq/cli`. This is a common package install but writes to disk and may require elevated privileges; it pulls code from the public npm registry (moderate risk versus instruction‑only).
Credentials
The skill declares no required env vars and does not ask for local API keys. However, it delegates authentication and credential storage to Membrane (a third party), which will hold Journy.io credentials and proxy requests — this is proportionate for the stated design but requires trusting Membrane with sensitive tokens and request payloads.
Persistence & Privilege
The skill is instruction‑only and not always‑on; it does not request persistent agent privileges. The only persistence is installing the Membrane CLI (separate binary) if you follow the instructions.
Assessment
This skill appears to do what it says: it uses the Membrane CLI to talk to Journy.io and does not request unrelated credentials. Before installing, verify the @membranehq/cli package and its publisher on npm and the upstream repository/homepage, and review Membrane's docs/privacy to ensure you’re comfortable that it will hold and proxy your Journy.io credentials and any data sent through its proxy. Installing the CLI globally modifies your environment and may require privileges; if you’re cautious, run the CLI in an isolated environment or container and avoid pasting secrets into local commands. If you prefer not to trust a third party with tokens, consider using Journy.io's official API directly with your own key management instead.

Like a lobster shell, security has layers — review code before you run it.

latestvk978p98aqf7y4fkskrn49cwcm5842gh0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments