ClawHub

Refersion

v1.0.2

Refersion integration. Manage Affiliates, Products, Offers. Use when the user wants to interact with Refersion data.

0· 78·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the SKILL.md consistently instructs using the Membrane CLI to manage Refersion resources. No unrelated services, credentials, or binaries are requested.
Instruction Scope
Instructions limit actions to installing and using the Membrane CLI, creating connections, running actions, and proxying requests to Refersion via Membrane. The doc does not instruct reading local secrets, unrelated files, or exfiltrating data to unexpected endpoints.
Install Mechanism
No install spec in skill bundle; SKILL.md asks the user to run `npm install -g @membranehq/cli`. This is a standard npm package install (traceable to the @membranehq namespace) — expected for a CLI-based integration but carries the usual caution about installing global npm packages from registries.
Credentials
The skill declares no required env vars or credentials and explicitly recommends creating a Membrane connection rather than asking for API keys. Requested access (network + Membrane account/browser auth) is proportionate to the described functionality.
Persistence & Privilege
Skill is instruction-only, not always-enabled, and does not request persistent system-level privileges or modify other skills. It relies on the Membrane service for auth lifecycle, so no local credential storage is requested by the skill.
Assessment
This skill is coherent and uses the Membrane CLI to proxy Refersion API calls. Before installing: (1) confirm you trust the Membrane project (@membranehq) and its CLI package on npm; (2) be aware `npm install -g` installs a global binary — review the package source (GitHub repo) if you have concerns; (3) follow the documented browser-based auth flows and do not paste private API keys into chat. If you require on-prem or zero-trust constraints, verify that using a third-party proxy service (Membrane) fits your security policy.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bmz8npygywmezjnsfz69s91842pw7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments