ClawHub

Sertifi

v1.0.2

Sertifi integration. Manage data, records, and automate workflows. Use when the user wants to interact with Sertifi data.

0· 59·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Sertifi integration) aligns with the instructions: everything is about using the Membrane CLI to manage Sertifi resources. Required access (network + Membrane account) is expected and proportional.
Instruction Scope
SKILL.md only instructs installing and using the Membrane CLI (login, create connections, list/run actions, proxy requests). It does not ask the agent to read local files, request unrelated environment variables, or exfiltrate data to unexpected endpoints.
Install Mechanism
This is an instruction-only skill (no code written to disk), but it recommends installing @membranehq/cli globally via npm (npm install -g). Installing a public npm CLI is a standard approach but is a moderate-risk action compared with purely instruction-only skills — users should verify the package and publisher before installing globally.
Credentials
The skill declares no required env vars, no primary credential, and relies on Membrane-managed auth (browser-based login). That is proportionate to the stated function; it explicitly advises not to ask users for API keys.
Persistence & Privilege
The skill does not request persistent or elevated privileges (always: false). It does not modify other skills or system-wide configuration in the instructions.
Assessment
This skill is instruction-only and coherent: it tells the agent to use the Membrane CLI to access Sertifi through Membrane-managed connectors. Before installing or running anything: 1) Verify you trust Membrane and the @membranehq/cli package (check the package on npm and the project's GitHub/homepage). 2) Prefer using an account with only needed permissions for Sertifi connectors. 3) Be cautious when installing global npm packages — verify publisher and package checksum if possible. 4) During browser-based login or headless flows, ensure the authentication URL originates from Membrane/Sertifi (do not paste secrets into untrusted terminals). 5) If you need higher assurance, ask the publisher for the official repository and confirm the connector behavior and scopes for the Sertifi integration.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d5dn1rb0ggpwwahhrw4ma75842fms

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments