ClawHub

Recharge

v1.0.0

ReCharge integration. Manage Customers. Use when the user wants to interact with ReCharge data.

0· 57·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (ReCharge integration) matches the instructions: all actions are performed via the Membrane CLI and the README documents how to connect, list actions, run actions, and proxy raw ReCharge requests. No unrelated environment variables, binaries, or config paths are requested.
Instruction Scope
SKILL.md tells the agent to install and run the Membrane CLI, authenticate (browser flow or headless code), and optionally proxy raw ReCharge API calls through Membrane. The instructions do not ask the agent to read unrelated files or system secrets. Important caution: proxying routes ReCharge requests (and any included data) through Membrane's service, so sensitive data will be sent to that third party.
Install Mechanism
There is no packaged install spec, but the instructions ask the user to run `npm install -g @membranehq/cli`. Installing a global npm package is a normal approach for a CLI but is a moderate-risk action: it executes third-party code from the npm registry and modifies the system's global packages. The instruction does not use arbitrary download URLs or extract archives.
Credentials
The skill declares no required env vars or credentials and explicitly advises not to ask users for API keys, which is proportionate. Note that authentication happens through Membrane (server-side) and the CLI, so credentials and API traffic will be managed/stored by Membrane and/or the CLI — you must trust that vendor for credential handling and data storage.
Persistence & Privilege
The skill is instruction-only, always:false, and does not request persistent platform-level privileges or modify other skills. The only persistence is the expected behavior of the Membrane CLI (local configuration and possibly stored tokens) after login, which is normal for a CLI-based integration.
Assessment
This skill appears coherent and uses Membrane to manage ReCharge authentication rather than asking you for keys directly. Before installing: (1) decide whether you trust Membrane (@membranehq) to handle your ReCharge credentials and request traffic (this will forward data to their servers); (2) review the npm package (@membranehq/cli) source or maintainers before running `npm install -g` on production machines; (3) be aware the CLI will store auth state locally after login; and (4) if you require full control over credentials or data residency, consider calling ReCharge's API directly with your own credentials instead of using a proxy service.

Like a lobster shell, security has layers — review code before you run it.

latestvk974wgappcd57sb1p4jk1000ed83kdfx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments