Mezmo
v1.0.2Mezmo integration. Manage Organizations. Use when the user wants to interact with Mezmo data.
⭐ 0· 122·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill claims to integrate with Mezmo and all runtime instructions describe using the Membrane CLI to connect, list actions, run actions, and proxy requests to Mezmo. Required artifacts (no env vars, no binaries declared) are consistent because Membrane handles auth. The homepage and repository referenced are for Membrane, which is the expected intermediary.
Instruction Scope
SKILL.md only instructs installing and using the Membrane CLI, logging in via browser, creating connections, listing actions, and proxying API requests. It does not ask the agent to read unrelated files, harvest environment variables, or send data to unexpected endpoints beyond Membrane/Mezmo.
Install Mechanism
There is no automated install spec; the README tells the user to run `npm install -g @membranehq/cli`. That is a normal, traceable public npm package install but it does require installing a third-party global CLI. This is expected for a CLI-based integration but the user should verify the package/source before installing.
Credentials
The skill requests no environment variables or secrets and explicitly says not to ask users for API keys because Membrane manages credentials. This is proportionate to the stated design (Membrane-as-proxy).
Persistence & Privilege
The skill is not always-enabled, does not request elevated system privileges, and does not modify other skills or system-wide config. Autonomous invocation is allowed (platform default) but not combined with other red flags.
Assessment
This skill appears coherent: it integrates Mezmo by instructing the agent to use the Membrane CLI, which handles authentication and proxies requests. Before installing or running commands: (1) verify you trust the Membrane project and the npm package (@membranehq/cli) and optionally review its source on the referenced repository; (2) be aware that installing a global npm CLI makes a program available on your host—only install if you trust it; (3) the CLI will open browser-based auth and make network requests to Membrane/Mezmo services, so ensure outbound network access is acceptable; (4) no API keys or other unrelated credentials are requested by the skill itself. If you want extra assurance, inspect the referenced GitHub repository and the npm package contents before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk976j60mpgnd9dn7vrbrm5ygjx8426kb
License
MIT-0
Free to use, modify, and redistribute. No attribution required.