Littledata
v1.0.0Littledata integration. Manage data, records, and automate workflows. Use when the user wants to interact with Littledata data.
⭐ 0· 56·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (Littledata integration) align with the instructions (use Membrane CLI to create connections, run actions, and proxy requests to Littledata). One minor mismatch: the registry metadata lists no required binaries, but the SKILL.md assumes a Node/npm environment (it tells users to run `npm install -g @membranehq/cli` and uses `npx` in examples).
Instruction Scope
SKILL.md stays on-task: it describes installing and using the Membrane CLI, logging in, creating connections, listing actions, running actions, and proxying requests to Littledata. It does not instruct the agent to read unrelated files or environment variables. Note: proxying sends requests through Membrane's servers (so data and API calls go to Membrane then to Littledata), which is expected behavior but worth user awareness.
Install Mechanism
This is an instruction-only skill (no install spec). The instructions ask the user/agent to install a public npm package globally (`@membranehq/cli`) or use `npx`. There are no downloads from untrusted URLs or archive extraction steps in the skill itself.
Credentials
The skill declares no required environment variables or credentials and explicitly recommends letting Membrane handle auth rather than asking for API keys. It does require a network connection and a Membrane account, which are proportional to the described functionality.
Persistence & Privilege
always is false and autonomous invocation is allowed (platform default). The skill does not request persistent system-wide privileges or access to other skills' configs.
Assessment
This skill appears to simply document use of the Membrane CLI to access Littledata and does not itself request secrets. Before installing or running commands: 1) Verify you trust the Membrane service (homepage and CLI npm package publisher); review the CLI repository and npm package ownership. 2) When running `membrane login`, watch the browser auth consent and review granted scopes — the login grants Membrane access to your connected services. 3) Prefer using `npx @membranehq/cli@latest` if you want to avoid a global npm install. 4) If you handle sensitive data, consider running the CLI and authorization in an environment you control and review the Membrane privacy/security docs. 5) If you want stronger assurance, check the referenced GitHub repo (https://github.com/membranedev/application-skills) and the Membrane project's security posture before proceeding.Like a lobster shell, security has layers — review code before you run it.
latestvk97eepmheymbpj7vkq41k3yq0d848mj7
License
MIT-0
Free to use, modify, and redistribute. No attribution required.