ClawHub

Retently

v1.0.2

Retently integration. Manage Persons, Organizations, Deals, Leads, Projects, Activities and more. Use when the user wants to interact with Retently data.

0· 114·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Retently integration) aligns with the instructions: discover or run Retently actions via the Membrane CLI and use Membrane's proxy when needed. Nothing requested (no env vars, no unrelated binaries) appears out of scope.
Instruction Scope
SKILL.md instructs installing and using the Membrane CLI, logging in, creating connections, listing actions, running actions, and proxying Retently API calls — all within the expected scope for a Retently connector. It does not instruct reading unrelated files or exfiltrating data to third-party endpoints.
Install Mechanism
There is no built-in install spec, but the instructions tell the user to run `npm install -g @membranehq/cli` (and sometimes use `npx`). Installing a global npm package is a normal requirement for a CLI but carries the usual npm risks (the package will run code during install and be placed on the system). This is proportional to the described workflow but worth verifying the package and org on npm before installing.
Credentials
The skill declares no required environment variables or credentials and relies on Membrane's login flow to obtain and manage tokens. That is appropriate for the stated integration and avoids asking the user for API keys directly.
Persistence & Privilege
The skill is not forced always-on and does not request elevated agent-wide privileges. It does rely on the Membrane CLI which will persist authentication tokens locally as part of normal OAuth/session behavior — expected for a CLI integration.
Assessment
This skill is instruction-only and coherent with its description, but before installing or using it: 1) verify the Membrane CLI package (@membranehq/cli) on npm and the maintainers (use the official org/repository links), 2) be aware installing a global npm package runs code on your machine and will store CLI auth tokens locally, 3) review what permissions the Membrane connection requests during the browser login and only grant what you expect for Retently access, and 4) avoid running arbitrary proxy requests you don't understand (e.g., `membrane request ...`) that could send or expose sensitive data. If you want to reduce install friction, prefer using npx where the docs suggest it.

Like a lobster shell, security has layers — review code before you run it.

latestvk975sjba9b885xxvd50wxzm7ps8422cy

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments