ClawHub

Selectpdf

v1.0.2

SelectPdf integration. Manage data, records, and automate workflows. Use when the user wants to interact with SelectPdf data.

0· 67·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims to integrate with SelectPdf and its SKILL.md consistently instructs using Membrane to connect, discover actions, run actions, and proxy requests to the SelectPdf API. Requesting a Membrane account and network access is coherent for this purpose.
Instruction Scope
The instructions are focused on connector discovery, connection, action discovery, and proxying requests. They reference the Membrane login flow and note that credentials are stored at ~/.membrane/credentials.json — the skill did not declare config paths, but this is an informational detail about the CLI rather than unrelated data collection. No instructions ask the agent to read unrelated system files or exfiltrate data.
Install Mechanism
There is no built-in install spec, but the SKILL.md instructs using `npx @membranehq/cli@latest`. Running npx will fetch and execute a package from the public npm registry at runtime — a common pattern but one that executes third-party code on the host. This is expected for a Membrane-based integration but worth being aware of.
Credentials
The skill declares no required environment variables or credentials; authentication is delegated to Membrane. That is proportionate. One caveat: the instructions mention a local credentials file (~/.membrane/credentials.json) where Membrane stores tokens, which is persistent but expected for this workflow.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. However, the login flow will persist credentials to the user's home directory (~/.membrane/credentials.json). This is normal for a CLI-based auth flow but creates persistent local credentials.
Assessment
This skill is internally consistent and uses Membrane to handle auth and proxying to SelectPdf. Before installing, verify you trust the @membranehq/cli npm package (review its npm page and maintainer), and be aware that running the provided npx commands will download and execute that package and will create a persistent credentials file at ~/.membrane/credentials.json. If you prefer not to run remote npm code on your machine, consider running the commands in an isolated environment (container/VM) or request a skill variant that uses a different, audited integration method. Finally, confirm that proxying SelectPdf requests through Membrane meets your data privacy/compliance requirements.

Like a lobster shell, security has layers — review code before you run it.

latestvk973pj563wb9k7f841hbbm689184232b

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments