Noyo
v1.0.0Noyo integration. Manage data, records, and automate workflows. Use when the user wants to interact with Noyo data.
⭐ 0· 29·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description say 'Noyo integration' and the SKILL.md exclusively documents using the Membrane CLI to discover connectors, create connections, run actions, and proxy requests to Noyo. Required capabilities (network, Membrane account, Membrane CLI) are consistent with the described purpose.
Instruction Scope
Instructions are focused on installing/using the @membranehq/cli and running commands (login, connect, action list/run, request). They do not instruct reading unrelated files, environment variables, or system config. Important operational note: the commands create connections and proxy requests through Membrane, which means Noyo credentials and request payloads will traverse and/or be stored by the Membrane service — the skill explicitly recommends letting Membrane handle credentials.
Install Mechanism
There is no registry-level install spec; the README tells users to install @membranehq/cli via npm -g or npx. Using a public npm package is a common approach but carries moderate risk (running third-party code locally). No obscure URLs or archive downloads are recommended.
Credentials
The registry lists no required env vars or credentials. The instructions explicitly advise not to collect API keys locally and to use Membrane-managed connections. This is proportionate to the skill's purpose, though it does shift trust to Membrane for credential handling.
Persistence & Privilege
Skill is instruction-only with no install-time persistence, always:false, and normal agent invocation settings. It does not request modification of other skills or system-wide configuration.
Assessment
This skill is coherent: it teaches the agent to use the Membrane CLI to interact with Noyo. Before installing or using it, consider: (1) Membrane will proxy and manage credentials — review Membrane's privacy, security, and data-retention policies because your Noyo requests and credentials may be stored or routed through their service; (2) installing @membranehq/cli (npm -g) runs third-party code locally — verify the package and its publisher (e.g., check the npm page, GitHub repo, and release provenance); (3) browser-based auth and headless copy/paste codes mean someone must complete authentication in a browser — avoid pasting sensitive secrets into untrusted environments; and (4) avoid using this with highly sensitive PII unless you trust Membrane and have reviewed their security/compliance docs. If you need higher assurance, request the skill author to provide a link to the specific CLI package/repo and documentation or to provide an alternative that uses direct, auditable API calls with minimal third-party routing.Like a lobster shell, security has layers — review code before you run it.
latestvk976804rx1vx2svh1wd03nfefx849v2y
License
MIT-0
Free to use, modify, and redistribute. No attribution required.