ClawHub

Raet

v1.0.2

Raet integration. Manage data, records, and automate workflows. Use when the user wants to interact with Raet data.

0· 85·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Raet integration) matches the instructions: all actions are calls to the Membrane CLI or to Raet through Membrane. No unrelated credentials, binaries, or system paths are requested.
Instruction Scope
SKILL.md stays within scope: it instructs installing and using @membranehq/cli, logging in (browser-based OAuth flow), listing/connecting to connectors, running actions, and proxying API requests. It does not ask the agent to read local secrets or unrelated files.
Install Mechanism
This is an instruction-only skill with no install spec, but it tells users to run `npm install -g @membranehq/cli`. That is expected for a CLI-driven integration, but installing a global npm package executes code from the npm registry — a normal but non-zero risk. Consider using `npx` or auditing the CLI source if you don't trust the publisher.
Credentials
The skill declares no required env vars, no config paths, and does not ask for API keys. It explicitly recommends using Membrane's connection flow rather than asking for secrets, which is proportional to its purpose.
Persistence & Privilege
always is false and the skill does not request persistent or system-wide privileges. Autonomous invocation is allowed by default (normal); there is no indication the skill modifies other skills or global agent config.
Assessment
This skill is coherent: it teaches the agent to use the Membrane CLI to manage Raet data and does not ask for extra credentials. Things to consider before installing: (1) the SKILL.md recommends installing a global npm package (@membranehq/cli) — only install CLIs from sources you trust or use `npx` to avoid global installs; (2) the CLI will perform network requests and handle OAuth in your browser — ensure you trust Membrane/getmembrane and review their docs/repo if you need higher assurance; (3) if you want to reduce risk, inspect the CLI source code on the project's repo or run it in a controlled environment. Overall there are no red flags in the skill's instructions or requirements.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fm5e2natc6r0az8k0phnq0s8420tf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments