Knowbe4
v1.0.2KnowBe4 integration. Manage Users, Roles, Organizations, Persons, Groups, Campaigns and more. Use when the user wants to interact with KnowBe4 data.
⭐ 0· 109·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill name/description (KnowBe4 integration) matches the runtime instructions: it instructs the agent to use the Membrane CLI to create connections, run actions, and proxy requests to the KnowBe4 API. Requiring a Membrane account and network access is expected for this integration.
Instruction Scope
SKILL.md only instructs installation of the Membrane CLI, logging in via browser, creating/listing connections, running actions, and proxying requests to KnowBe4. It does not ask the agent to read unrelated files, environment variables, or system configuration, nor to exfiltrate data to unexpected endpoints.
Install Mechanism
The skill is instruction-only and recommends installing @membranehq/cli via npm (npm install -g). Installing a global npm package is a normal way to get the required CLI, but npm packages run code during install and modify disk state; the user should verify the package source/version (and prefer scoped or pinned versions) before installing.
Credentials
The skill declares no required env vars or credentials and relies on Membrane to handle auth. That is proportionate: authentication is delegated to the Membrane CLI/browser flow rather than asking the skill for secrets.
Persistence & Privilege
The skill is not marked always:true and is user-invocable only. It does not request persistent system-wide privileges or attempt to modify other skills or agent-wide configuration in the provided instructions.
Assessment
This skill is internally consistent: it uses the Membrane CLI to talk to KnowBe4 and does not itself request secrets. Before installing or using it, verify the @membranehq/cli package and its source (check the npm package page and the GitHub repository), review the permissions and scopes requested during the browser login, and consider installing the CLI in an isolated environment if you have security concerns. Avoid installing unpinned global npm packages in production without reviewing the package contents. If you need higher assurance, confirm the KnowBe4 connector is official/trusted in your Membrane tenant and inspect the Membrane CLI release artifacts or checksum before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk970ve1dtwent8c5nndasjb0kx843qay
License
MIT-0
Free to use, modify, and redistribute. No attribution required.