Restack
v1.0.0Restack integration. Manage data, records, and automate workflows. Use when the user wants to interact with Restack data.
⭐ 0· 47·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (Restack integration) align with the instructions (use Membrane CLI to list connectors, create connections, run actions, and proxy Restack API calls). All required capabilities (network access, Membrane account) are appropriate for the stated purpose.
Instruction Scope
SKILL.md only directs the agent/user to install and use the Membrane CLI and to perform connector/auth flows and API calls via Membrane. It does not instruct reading unrelated files, exporting system credentials, or sending data to unexpected endpoints. Proxying arbitrary Restack endpoints via an authenticated connection is broad but consistent with the skill's goal (it operates through the user's Membrane connection).
Install Mechanism
This is an instruction-only skill (no install spec). It advises installing @membranehq/cli via npm (or using npx). Advising global npm installs and npx remote execution is common here but carries normal supply-chain considerations (you should trust the package and registry). The skill itself does not perform or automate any installs.
Credentials
The skill declares no required environment variables or credentials and explicitly recommends using Membrane connections (server-side auth) rather than collecting API keys locally. That is proportionate and expected for this integration.
Persistence & Privilege
always is false and the skill is user-invocable. There is no request to modify other skills or system-wide settings. The skill does not request permanent presence or elevated agent privileges.
Assessment
This skill appears to do what it says: it guides use of the Membrane CLI to work with Restack. Before installing or using it, confirm you trust getmembrane.com/@membranehq and the @membranehq/cli package on npm; installing global npm packages and using npx executes third-party code from the registry. When you create a Membrane connection, review the OAuth scopes/permissions granted to the connector and only authorize what you need. In headless or automated flows, be cautious with one-time codes and ensure you complete auth in a trusted browser. If you prefer not to install anything, you can avoid global installs and instead run commands in a controlled environment (container/VM) or skip use of this skill.Like a lobster shell, security has layers — review code before you run it.
latestvk97fn1b2va44knpy5p5n588fed84fv2a
License
MIT-0
Free to use, modify, and redistribute. No attribution required.