Laposta
v1.0.2Laposta integration. Manage Accounts. Use when the user wants to interact with Laposta data.
⭐ 0· 72·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description (Laposta integration) matches the instructions: all shown commands use the Membrane CLI to connect to and operate on Laposta resources. Required capabilities (network access, a Membrane account) are reasonable for this purpose.
Instruction Scope
SKILL.md confines itself to installing/using the Membrane CLI, creating connections, listing/running actions, and proxying requests to the Laposta API. It does not instruct reading unrelated files, harvesting extra env vars, or sending data to unexpected endpoints. It does open a browser for auth (or gives a headless flow).
Install Mechanism
This is an instruction-only skill (no install spec). The doc tells the user to run `npm install -g @membranehq/cli` — a normal approach but it assumes you have npm/node available even though the registry metadata did not declare those requirements. Installing a global npm package writes code to disk (standard risk: trust the npm package and publisher).
Credentials
The skill declares no required environment variables and advises relying on Membrane to manage credentials. That is proportionate: you are not asked to provide Laposta API keys or unrelated secrets.
Persistence & Privilege
The skill does not request always-on presence and does not instruct modifying other skills or system-wide agent settings. It only instructs use of the Membrane CLI and ephemeral browser-based authentication flows.
Assessment
This skill appears coherent: it uses the Membrane CLI to handle auth and to call Laposta, and it does not ask for unrelated secrets. Before installing, verify you are comfortable installing a global npm package (@membranehq/cli) — ensure you have node/npm and review the package's npm page (maintainer, downloads, repository). Confirm you trust the Membrane service and the homepage/repository links, since authentication occurs via an external account and the CLI will send requests to Membrane. If you prefer not to install global npm packages or to give a third-party service access to your Laposta data, do not install; otherwise the design is proportionate and consistent.Like a lobster shell, security has layers — review code before you run it.
latestvk97dcyygznq48yq9r7cg5rma6n843tfe
License
MIT-0
Free to use, modify, and redistribute. No attribution required.