ClawHub

Kamonio

v1.0.2

Kamon.io integration. Manage data, records, and automate workflows. Use when the user wants to interact with Kamon.io data.

0· 55·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description claim a Kamon.io integration and all runtime instructions focus on using the Membrane CLI to connect to Kamon.io, discover actions, run them, and proxy API requests — this matches the stated purpose.
Instruction Scope
SKILL.md stays on-topic: it instructs installing and using the Membrane CLI, creating connections, listing and running actions, and proxying requests to Kamon.io. It does not instruct reading unrelated files, exporting unrelated credentials, or contacting endpoints outside Membrane/Kamon.io. It does recommend browser-based login flows and headless completion codes.
Install Mechanism
There is no automated install spec in the registry (skill is instruction-only). SKILL.md directs the user to install @membranehq/cli via npm (global install or npx). That is a standard approach but does execute code from the npm registry — users should trust the package/maintainer and may prefer to inspect the package or install in a controlled environment.
Credentials
The skill declares no required environment variables or credentials and explicitly advises using Membrane connections instead of local API keys. This is proportionate: the integration relies on Membrane to manage authentication.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system-wide settings, and contains no install-time hooks. Autonomous invocation is allowed (default) but not combined with other suspicious privileges.
Assessment
This skill is coherent but depends on trusting the Membrane service and its CLI package. Before installing or using it: (1) verify the @membranehq/cli npm package and maintainer (review source on GitHub if possible); (2) prefer using npx in an isolated environment or install locally rather than a global install if you want tighter control; (3) be mindful of the browser-based/ headless auth flow (do not paste auth codes into untrusted channels); (4) remember Membrane will handle auth and proxy requests — if you have sensitive data, confirm the privacy/security posture of Membrane and that connections use least-privilege; (5) if you need stronger guarantees, ask the skill author for a provenance link to their repository or a signed release of the CLI.

Like a lobster shell, security has layers — review code before you run it.

latestvk9783bf88pr9gcys4rws8s0k4s843e4q

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments