Plivo
v1.0.2Plivo integration. Manage Accounts, Applications, Numbers, Messages, Calls, Conferences. Use when the user wants to interact with Plivo data.
⭐ 0· 78·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (Plivo integration) match the runtime instructions: all actions are performed via the Membrane CLI (connect, action run, proxy requests). There are no unrelated env vars, binaries, or config paths demanded.
Instruction Scope
Instructions are limited to installing and using the Membrane CLI, creating a Plivo connection, using pre-built actions, or proxying requests through Membrane. Important behavioral note: proxying means API requests and payloads will transit through Membrane's service (and Membrane will manage authentication), so using the skill shares Plivo request/response data with that third-party service.
Install Mechanism
The registry contains no formal install spec, but SKILL.md instructs installing @membranehq/cli via 'npm install -g'. This is a typical npm install (moderate risk compared to instruction-only), so verify the package's authenticity and be aware a global install requires elevated permissions and downloads code from the public npm registry.
Credentials
The skill requests no local environment variables or credentials. It relies on a Membrane account/connection to manage Plivo credentials server-side, which is proportionate to the stated purpose — but entrusts credential handling to Membrane rather than keeping keys local.
Persistence & Privilege
always is false and there is no indication the skill tries to persist itself or modify other skills; autonomous invocation remains allowed by platform default (not flagged here).
Assessment
This skill appears coherent, but before installing: 1) verify the @membranehq/cli npm package and the Membrane service (check the project repo, package publisher, and package versions) to avoid installing a malicious global package; 2) understand that Membrane will proxy requests and store/refresh Plivo credentials — review Membrane's privacy/security docs and decide whether you trust that third party with your Plivo data; 3) if possible, use least-privilege Plivo credentials or a dedicated subaccount for testing; and 4) avoid sending highly sensitive personal data through the connector unless you’ve accepted the privacy implications.Like a lobster shell, security has layers — review code before you run it.
latestvk9701w69v32edgv5ayfxg8dt398437s2
License
MIT-0
Free to use, modify, and redistribute. No attribution required.