Payload Cms
v1.0.1Payload CMS integration. Manage data, records, and automate workflows. Use when the user wants to interact with Payload CMS data.
⭐ 0· 99·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description state 'Payload CMS integration' and every runtime instruction uses the Membrane CLI to connect, list actions, run actions, and proxy requests to Payload CMS. No unrelated cloud credentials, binaries, or paths are requested.
Instruction Scope
SKILL.md instructs the agent to install and use @membranehq/cli, run login/connect/action/request commands, and perform interactive browser-based auth. It does not instruct reading unrelated files, environment variables, or exfiltrating data to unknown endpoints. Headless auth is noted and requires explicit user action to complete.
Install Mechanism
The skill is instruction-only (no install spec), but it tells users to globally install an npm package (@membranehq/cli). This is a reasonable, proportional requirement for the described CLI-driven workflow, but global npm installs modify the host environment and should be vetted (or replaced by npx) before running.
Credentials
The skill declares no required environment variables or credentials. Authentication is delegated to Membrane's hosted flow (browser-based login / connection IDs), which matches the stated guidance to avoid asking for API keys locally.
Persistence & Privilege
The skill is not always-enabled and is user-invocable. It does not request system-wide config changes or persistent elevated privileges in the provided instructions.
Assessment
This skill appears to do exactly what it says: it uses the Membrane CLI to connect to Payload CMS and run actions. Before installing or using it: 1) Verify you trust the @membranehq/cli package and the Membrane service (they will mediate auth and gain access to your Payload CMS data when you create a connection). 2) Prefer running via npx or review the npm package source on GitHub/NPM before doing a global install. 3) Be aware that creating a connection grants Membrane access to the target Payload CMS tenant—only connect accounts you trust. 4) If you need higher assurance, inspect the Membrane CLI repository and the Membrane privacy/security docs, or run commands in an isolated environment.Like a lobster shell, security has layers — review code before you run it.
latestvk970bv307pbggh0avzb7w58w9x84hbk1
License
MIT-0
Free to use, modify, and redistribute. No attribution required.