ClawHub

Mparticle

v1.0.2

MParticle integration. Manage data, records, and automate workflows. Use when the user wants to interact with MParticle data.

0· 103·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (MParticle integration) match the instructions: the SKILL.md exclusively documents using the Membrane CLI to connect to and interact with MParticle. No unrelated credentials, binaries, or paths are requested.
Instruction Scope
Runtime instructions are limited to installing/using the Membrane CLI, creating/listing connections, running actions, and proxying API requests. They do not ask the agent to read arbitrary local files, harvest unrelated environment variables, or send data to unexpected endpoints outside Membrane/MParticle.
Install Mechanism
There is no packaged install spec; the doc instructs installing @membranehq/cli via npm (global). This is expected for a CLI workflow, but installing global npm packages runs code from the npm registry — the user should verify the package identity and trust the @membranehq org before installing.
Credentials
The skill declares no required env vars or credentials and explicitly delegates auth to Membrane (server-side). That is proportionate to the stated purpose.
Persistence & Privilege
The skill is not always-enabled, requires explicit invocation, and contains no instructions to modify other skills or system settings. Autonomous invocation is allowed by default but not combined with other red flags.
Assessment
This skill is instruction-only and uses the Membrane CLI to access MParticle; that is internally consistent. Before installing or using it: (1) confirm you trust Membrane/@membranehq (review the npm package and repository) because installing a global npm CLI executes third‑party code; (2) be aware data and API calls will be proxied through Membrane's service — review their privacy/security/compliance policies if you will send customer data; (3) the login flow opens a browser (or exposes a code for headless flows), so follow secure device/browser practices; and (4) verify the exact CLI package/version from official sources (getmembrane.com and the GitHub repository) to avoid typosquatting or malicious packages.

Like a lobster shell, security has layers — review code before you run it.

latestvk971dj1fenckbvy8pn7s38jbmh842sp8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments