ClawHub

Modern Treasury

v1.0.2

Modern Treasury integration. Manage Organizations. Use when the user wants to interact with Modern Treasury data.

0· 104·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Modern Treasury integration) match the instructions: all actions are performed through the Membrane CLI which proxies requests to Modern Treasury. There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
SKILL.md instructs the agent/user only to install and use the Membrane CLI, create/connect a connector, list actions, run actions, and optionally proxy raw API requests via Membrane. It does not ask the agent to read local secrets, system files, or unrelated config, nor to exfiltrate data to unexpected endpoints.
Install Mechanism
This is an instruction-only skill with no install spec. It directs users to install a global npm package (@membranehq/cli) or use npx. Installing an npm package is a normal step for CLI tools but carries the usual supply-chain risk of third-party packages; the instructions use a reasonable, traceable source (npm/@membranehq).
Credentials
The skill declares no required environment variables or credentials and explicitly recommends letting Membrane handle auth rather than asking for API keys. The lack of secret requests is proportionate to the stated purpose.
Persistence & Privilege
always is false and the skill does not request persistent system-level privileges or modifications to other skills. It relies on an interactive Membrane login flow (browser-based) for auth, which is appropriate for this integration.
Assessment
This skill is coherent: it relies on the Membrane CLI to talk to Modern Treasury and does not ask for API keys or unrelated credentials. Before installing, verify the @membranehq/cli package and the Membrane project (npm page, GitHub repo, and getmembrane.com) to ensure you trust the publisher; installing global npm packages has normal supply-chain risks. Be aware the CLI can proxy arbitrary API calls to Modern Treasury — only use connections you trust and follow your organization’s policy for third-party CLIs and account permissions. If you need higher confidence, inspect the @membranehq/cli source code or ask the publisher for a signed release or provenance information.

Like a lobster shell, security has layers — review code before you run it.

latestvk9767393c9gt61811p11g9r40h843kk7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments