ClawHub

Piloterr

v1.0.2

Piloterr integration. Manage Organizations, Pipelines, Users, Goals, Filters. Use when the user wants to interact with Piloterr data.

0· 98·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the runtime instructions: the skill delegates Piloterr interactions to the Membrane CLI/proxy. Required network access and a Membrane account are appropriate for this purpose; no unrelated env vars, binaries, or config paths are requested.
Instruction Scope
SKILL.md tells the agent to install/use the Membrane CLI, run Membrane commands to create/list connections, list/run actions, and proxy requests to Piloterr. It does not instruct reading local files or unrelated environment variables, nor does it direct data to unexpected external endpoints beyond Membrane/Piloterr.
Install Mechanism
The skill is instruction-only (no install spec). It tells users to install @membranehq/cli via npm or use npx, which will fetch code from the npm registry — a normal but non-zero-risk operation. This is proportionate to the stated functionality but the user should be aware that npx/npm will download remote code.
Credentials
No environment variables or credentials are required by the skill. The doc explicitly delegates credential handling to Membrane and instructs not to ask users for API keys, which aligns with the integration model.
Persistence & Privilege
The skill does not request always:true, does not declare special config paths, and is user-invocable only. It does not attempt to modify other skills or system-wide settings.
Assessment
This skill is instruction-only and uses the Membrane CLI to talk to Piloterr. Before installing or following the instructions: verify you trust Membrane (check the homepage and GitHub repo), be aware that npm/npx will download and run code from the npm registry, and expect an OAuth/browser-based login flow where you authenticate to Membrane (not by handing API keys to the agent). If you want to limit risk, run the CLI commands yourself (instead of letting an agent execute them), avoid installing global npm packages unless you trust the publisher, and review any connection IDs or outputs before allowing the agent to act autonomously.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ef5b5cqqj58yk5e9gvqg15s8427nq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments