ClawHub

Momentive

v1.0.2

Momentive integration. Manage data, records, and automate workflows. Use when the user wants to interact with Momentive data.

0· 92·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Momentive integration) matches the instructions: all runtime steps use the Membrane CLI to discover connectors, create connections, run actions, and proxy API requests to Momentive.
Instruction Scope
SKILL.md only instructs using the Membrane CLI (login, connect, action list/run, request). It does not instruct reading unrelated files, exfiltrating secrets, or contacting arbitrary endpoints beyond Membrane and Momentive API proxying.
Install Mechanism
The doc recommends installing @membranehq/cli via npm (global install). This is reasonable for the claimed purpose, but installing a global npm package modifies the system and the package identity should be verified (npm package and upstream repo). There is no automated install spec in the registry entry itself.
Credentials
The skill declares no required env vars, credentials, or config paths. It delegates auth to Membrane (browser-based login/connection flows), which is proportionate to a connector workflow.
Persistence & Privilege
Skill is instruction-only, no install-time files, and registry flags show always:false and no special privileges. It does not request persistent elevation or modify other skills.
Assessment
This skill is coherent with its stated purpose, but before installing or using it: 1) Verify the @membranehq/cli npm package and the GitHub repository (publisher identity, recent releases, and package integrity) to ensure you trust the CLI you will run. 2) Be aware you will perform a browser-based login and create a connection that lets Membrane proxy requests to Momentive — data sent through Membrane will traverse their service, so review Membrane's privacy and security policies if you handle sensitive data. 3) A global npm install modifies your system (may require root/administrator); consider using a controlled environment (container or dedicated VM) if you are concerned about system changes. 4) If you need stronger assurance, ask the skill author for a package checksum or use the CLI from a vetted, organization-approved source.

Like a lobster shell, security has layers — review code before you run it.

latestvk97eqy9ppbjjehrmfgg8wts4ad843e5z

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments