ClawHub

Labs64 Netlicensing

v1.0.2

Labs64 NetLicensing integration. Manage Products, PaymentMethods, Discounts, Utilities. Use when the user wants to interact with Labs64 NetLicensing data.

0· 84·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description describe a NetLicensing integration and the instructions only require the Membrane CLI, a Membrane account, and network access — all reasonable and directly related to the stated purpose.
Instruction Scope
SKILL.md stays on-topic: it tells the agent to install and use the Membrane CLI, log in, create/connect a connector, list and run actions, and optionally proxy raw API calls through Membrane. It does not instruct reading unrelated files or harvesting unrelated credentials.
Install Mechanism
The skill is instruction-only (no install spec), but it instructs users to run `npm install -g @membranehq/cli`. Installing a public npm CLI is a reasonable step for this integration but does carry the usual supply-chain considerations for npm packages.
Credentials
The skill declares no required env vars or credentials. It relies on Membrane to manage NetLicensing credentials via browser-based auth, which is proportional to the integration. There are no unrelated credential requests.
Persistence & Privilege
Skill is not forced-always and is user-invocable. It does not request elevated platform privileges or attempt to modify other skills or system-wide agent settings.
Assessment
This skill appears coherent: it delegates auth and API access to the Membrane CLI and asks you to install @membranehq/cli and log in via browser. Before installing or using it: (1) verify you trust the Membrane service/operator (credentials and proxied requests go through their platform); (2) inspect the @membranehq/cli package on npm/GitHub if you want to review what it does; (3) avoid proxying sensitive unrelated data through Membrane and be cautious when using the raw proxy endpoint; (4) prefer using non-root/npm sandboxing (or npx) if you are concerned about global npm installs. No unrelated credentials or hidden install steps were found.

Like a lobster shell, security has layers — review code before you run it.

latestvk974d2wqa7q6qngga0r4jmg2jx8429b1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments