ClawHub

Snipe It

v1.0.2

Snipe IT integration. Manage data, records, and automate workflows. Use when the user wants to interact with Snipe IT data.

0· 103·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims a Snipe-IT integration and its runtime instructions exclusively describe using the Membrane CLI to create connections, run prebuilt actions, and proxy requests to the Snipe-IT API. Requiring a Membrane account and network access is coherent with that purpose.
Instruction Scope
The SKILL.md instructs the agent/operator to install and use the Membrane CLI, perform interactive login flows, create connections, run actions, and proxy arbitrary requests to the target Snipe-IT API via Membrane. It does not instruct reading unrelated local files or environment variables. Note: the documented 'proxy' capability allows sending arbitrary HTTP requests through the user's Membrane connection (expected for this integration, but it grants broad request ability within the scope of that authenticated connection).
Install Mechanism
This is an instruction-only skill (no install spec) that tells the user to install @membranehq/cli with npm (global install) and also uses npx in examples. Installing an npm CLI globally is a moderate supply-chain risk compared to pure instruction-only skills; the package and its provenance should be verified and you may prefer npx or pinning a version rather than a global @latest install.
Credentials
The skill declares no required environment variables and explicitly recommends using Membrane-managed connections rather than asking for API keys. Requesting a Membrane account and authenticated connection is proportionate to the described functionality.
Persistence & Privilege
The skill does not request permanent/always-on inclusion and contains no install-time steps that modify other skills or system-wide agent settings. Default autonomous invocation is allowed by platform policy but is not combined with additional privilege in this skill.
Assessment
This skill appears to do what it says: it uses the Membrane CLI to talk to Snipe-IT. Before installing, verify the @membranehq/cli package and publisher (use the official registry entry or prefer npx/pinned versions), and sign into Membrane only with an account you trust. Be aware that once you create a Membrane connection, the CLI (and any agent actions that use it) can proxy arbitrary HTTP requests to Snipe-IT under that connection’s credentials — which is expected but means you should limit the connection's permissions and monitor activity. If you prefer less risk, run the CLI in an isolated environment or use npx with an explicit version instead of a permanent global install.

Like a lobster shell, security has layers — review code before you run it.

latestvk9718pt41cnn5rg52n7vtpnb898420xx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments