Redox
v1.0.2Redox integration. Manage data, records, and automate workflows. Use when the user wants to interact with Redox data.
⭐ 0· 85·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (Redox integration) match the instructions: discover and run Redox-related actions via the Membrane CLI and proxy. Required capabilities (network access, Membrane account, membrane CLI) are consistent with the stated purpose.
Instruction Scope
SKILL.md only instructs installing/using the Membrane CLI, logging in, creating connections, listing and running actions, and proxying requests to Redox. It does not instruct reading unrelated files, accessing other services, or exfiltrating data to unexpected endpoints.
Install Mechanism
No automated install spec in the bundle (instruction-only). The doc recommends npm install -g @membranehq/cli (a public npm package) — a reasonable, expected instruction but carries the usual npm-global risks (you should verify package provenance before installing globally).
Credentials
The skill declares no required environment variables or local credentials. It explicitly defers auth to Membrane (server-side), so it does not request unrelated secrets or system credentials.
Persistence & Privilege
No 'always: true' or other elevated persistence is requested. This is a user-invocable, instruction-only skill and does not modify other skills or agent-wide configuration.
Assessment
This skill is coherent and appears to do what it says: use the Membrane CLI to interact with Redox. Before installing, consider: (1) npm global install installs code from the public registry—verify the package name (@membranehq/cli) and check its publisher and recent versions; (2) Membrane acts as a proxy and will hold credentials and see proxied API traffic—if you will be sending protected health information (PHI), confirm Membrane’s data handling, compliance (e.g., HIPAA) and your org’s policies; (3) the login flow opens a browser (or uses a headless code flow) — be prepared to complete interactive auth; (4) network access and a Membrane account are required; (5) if you need to avoid third-party proxies, this skill’s design (proxying via Membrane) may be inappropriate. If you want stronger assurance, ask the skill author for the exact npm package repository URL and Membrane’s security/compliance documentation before proceeding.Like a lobster shell, security has layers — review code before you run it.
latestvk97d9v1d7e2kens3rmq1001yax842vvd
License
MIT-0
Free to use, modify, and redistribute. No attribution required.