ClawHub

Qualetics

v1.0.2

Qualetics integration. Manage data, records, and automate workflows. Use when the user wants to interact with Qualetics data.

0· 78·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Qualetics integration) matches the instructions: all actions are performed via the Membrane CLI and a Membrane connection to Qualetics. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md confines actions to installing/using the Membrane CLI, creating connections, listing/running actions, and proxying API calls via Membrane. Be aware that proxying and connections route requests through Membrane (a third party), so Qualetics data and auth flow through Membrane's service — this is expected but important for privacy/trust.
Install Mechanism
There is no registry install spec; the docs instruct users to install @membranehq/cli via npm (global). This is a standard public-registry install (moderate risk compared to 'no install'), so users should verify the npm package identity and review permissions before globally installing.
Credentials
The skill declares no required environment variables or local secrets. It requires a Membrane account (expected) but does not ask for unrelated credentials. Users should note that Membrane will hold and refresh Qualetics credentials on their behalf.
Persistence & Privilege
Skill is instruction-only, has no install manifest, and is not always-on. It does not request persistent elevated privileges or modify other skills' configurations.
Assessment
This skill is internally consistent, but before installing or using it: (1) Verify you trust Membrane (https://getmembrane.com) because Qualetics requests and auth are proxied through their service and they will handle credentials. (2) Inspect the @membranehq/cli npm package (publisher, version, and checksum) before running npm install -g. (3) Use a least-privilege Membrane account or test tenant for sensitive data. (4) Confirm which Qualetics endpoints/actions will be accessed and avoid sending unrelated sensitive files or credentials through the proxy. (5) If you need stronger assurance, ask the maintainer for the repository/package source and a reproducible install (signed release or GitHub release) before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk977p7g0s559v02m95ywg0tdfx843wyr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments