ClawHub

Paubox

v1.0.2

Paubox integration. Manage data, records, and automate workflows. Use when the user wants to interact with Paubox data.

0· 91·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill claims to integrate with Paubox and all documented steps use the Membrane CLI to discover connectors, create connections, run actions, and proxy API calls. Requesting a Membrane account and installing @membranehq/cli is coherent with that stated purpose.
Instruction Scope
Runtime instructions are limited to installing and using the Membrane CLI, logging in via browser (or headless flow), listing connectors/actions, running actions, and proxying requests. The instructions do not ask the agent to read local files or unrelated env vars. Important operational note: using 'membrane request' and action runs will send request payloads through Membrane's servers, so any data you pass (including PHI) will transit/be visible to that service.
Install Mechanism
Install is an npm global install (npm install -g @membranehq/cli). This is a typical mechanism but carries the usual npm risks (package integrity, supply-chain risk, need for privilege to install globally). No direct downloads from arbitrary URLs are used.
!
Credentials
The skill does not request local environment variables or secrets, which is appropriate. However, it depends on an external Membrane account and on Membrane storing/handling Paubox credentials and proxied requests. Because Paubox commonly handles PHI, you should confirm Membrane's data handling, retention, and HIPAA compliance before using this skill with sensitive data.
Persistence & Privilege
The skill is instruction-only, has no install spec that writes files, and does not request always:true. Autonomous invocation is allowed (platform default), but the skill does not request elevated or persistent agent privileges beyond normal usage.
Assessment
This skill appears to do what it says: it uses the Membrane CLI to talk to Paubox. Before installing or using it, verify these things: (1) Inspect the @membranehq/cli package on npm/GitHub to confirm publisher identity and recent activity; (2) Confirm Membrane's privacy, retention, and HIPAA practices because requests (and any PHI you supply) will transit/likely be visible to Membrane when you use the proxy or run actions; (3) Avoid pasting PHI into prompts or commands until you've confirmed compliance; (4) If you cannot trust Membrane for PHI, consider configuring a direct Paubox integration that you control or use minimal-scope test data; (5) Note global npm installs require privileges — consider using npx or an isolated environment if you prefer not to install globally. If you want higher assurance, ask the publisher for the exact repository, package checksum, and a statement about PHI handling.

Like a lobster shell, security has layers — review code before you run it.

latestvk970jank96e5pv9kd62wym25an843sgp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments