Nexhealth
v1.0.2NexHealth integration. Manage data, records, and automate workflows. Use when the user wants to interact with NexHealth data.
⭐ 0· 78·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description and runtime instructions align: the skill is an instruction-only integration that tells the agent to use the Membrane CLI to interact with NexHealth. Requiring the Membrane CLI and a Membrane account is coherent with the stated purpose.
Instruction Scope
SKILL.md only instructs installing/using the Membrane CLI, performing OAuth-style login, listing/connecting actions, and proxying API requests through Membrane. It does not instruct reading unrelated files or environment variables. Note: it directs the agent/user to perform networked auth flows and to let Membrane handle credentials, which shifts trust to that service.
Install Mechanism
The install step is an npm global install of @membranehq/cli. This is an expected mechanism for a CLI, but npm packages carry supply-chain risk; the skill itself does not provide or download arbitrary archives or use obscure URLs.
Credentials
The skill declares no required env vars, no local config paths, and the instructions explicitly advise against asking users for API keys. The lack of requested secrets is proportionate to an instruction-only wrapper that delegates auth to Membrane.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request persistent system-wide configuration or modify other skills. Autonomous invocation is allowed (platform default) but not combined with other privilege escalations.
Assessment
This skill is internally consistent, but installing and using it delegates NexHealth credentials and proxied API calls to Membrane. Before installing: 1) Verify you trust Membrane (review getmembrane.com, privacy/security docs, and the @membranehq/cli npm package). 2) Prefer using an organizational account and limit the connection's permissions in NexHealth if possible. 3) Inspect the npm package (or its repository) if you can, and avoid running installs as root. 4) Be aware the CLI opens a browser OAuth flow or prints codes for headless environments—don't paste codes into untrusted chat or pages. If you require a stricter trust model, consider integrating directly with NexHealth using your own controlled credentials instead of a third-party proxy.Like a lobster shell, security has layers — review code before you run it.
latestvk97apkfg3gk3jsy07fkgnekknd8421vq
License
MIT-0
Free to use, modify, and redistribute. No attribution required.