ClawHub

Stackery

v1.0.2

Stackery integration. Manage data, records, and automate workflows. Use when the user wants to interact with Stackery data.

0· 84·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Stackery integration) align with the instructions: the skill tells the agent to use the Membrane CLI to connect to a Stackery connector and run Stackery-related actions. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md is instruction-only and stays on-topic (installing/using Membrane CLI, listing actions, running actions, and proxying requests). It explicitly instructs routing Stackery API calls through Membrane's proxy and to perform browser-based auth. This is within scope, but it means data and auth flows go through Membrane's service (not direct to Stackery).
Install Mechanism
No install spec in the registry, but the instructions recommend installing @membranehq/cli via npm (npm install -g). Fetching a CLI from the npm registry is a typical choice but is a moderate-risk operation compared with instruction-only skills because it downloads and installs third-party code; the guidance to use npx mitigates global install concerns.
Credentials
The skill requests no environment variables, files, or unrelated credentials. It relies on Membrane to manage authentication instead of asking users for API keys, which is proportionate to its stated purpose. The implicit requirement is that you will authenticate via Membrane (browser flow or headless code), so Membrane will hold the credentials.
Persistence & Privilege
always is false and there are no config paths or system-wide changes requested by the skill. Autonomous invocation is allowed (platform default) but not combined with other concerning privileges.
Assessment
This skill is coherent: it uses the Membrane CLI to access Stackery through a Membrane connector. Before installing or running it, consider that (1) API traffic and credentials will be proxied through Membrane's service — review Membrane's privacy, security, and trustworthiness if that matters for your data; (2) the instructions suggest installing a third‑party CLI from npm (global install is suggested but you can prefer npx or a controlled environment to avoid polluting your system); and (3) verify the connector and actions you run (IDs and JSON outputs) to avoid performing unintended operations. If you need strict control over credentials or direct Stackery API access, evaluate using Stackery's official tooling instead of a third‑party proxy.

Like a lobster shell, security has layers — review code before you run it.

latestvk9764svmcj0s66hreh8n9cbj6h843w3s

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments