Kosli
v1.0.0Kosli integration. Manage data, records, and automate workflows. Use when the user wants to interact with Kosli data.
⭐ 0· 54·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill claims to integrate with Kosli and instructs the user/agent to use the Membrane CLI to discover connectors, create connections, run actions, and proxy requests to Kosli. Requiring the Membrane CLI is coherent with that purpose.
Instruction Scope
SKILL.md only instructs installing and using the Membrane CLI, performing login via browser, creating connections, listing actions, running actions, and using a Membrane proxy to call Kosli APIs. It does not instruct reading unrelated local files, requesting unrelated environment variables, or exfiltrating data to unknown endpoints.
Install Mechanism
There is no formal install spec in the registry (instruction-only). The doc recommends installing @membranehq/cli with npm install -g, which is a standard public npm package install. Installing a global npm package modifies the host environment — this is expected for a CLI-based integration but worth noting to users who manage system packages tightly.
Credentials
The skill declares no required env vars, credentials, or config paths. Authentication is delegated to Membrane's browser login flow and connection objects, which is proportionate to the stated goal of interacting with Kosli without asking for direct API keys in the skill.
Persistence & Privilege
The skill does not request always-on presence and does not attempt to modify other skills or system-wide settings. Agent autonomous invocation is allowed (platform default) but is not combined with other broad privileges here.
Assessment
This skill is instruction-only and appears coherent, but check these before installing/using: 1) The instructions require installing @membranehq/cli globally via npm — only install from the official package and understand that global npm installs modify your system PATH. 2) Authentication is performed via Membrane (browser login and connection objects); by using this skill you grant Membrane access to Kosli on your behalf — review Membrane's security/privacy documentation and the permissions requested when creating the connector. 3) When running discovered actions or proxy requests, verify the action IDs and input JSON before executing (avoid running arbitrary actions returned by discovery without inspection). 4) If you do not trust Membrane or prefer not to install CLIs globally, consider using a vetted alternative or running Membrane in an isolated environment. Overall the skill is consistent with its purpose, but trust in the Membrane service is the primary operational dependency.Like a lobster shell, security has layers — review code before you run it.
latestvk97en93amy1zt7q684h6r6dkwh84e894
License
MIT-0
Free to use, modify, and redistribute. No attribution required.