ClawHub

Supersaas

v1.0.2

SuperSaaS integration. Manage Schedules, Resources, Services, Promotions, Dashboards, Reports. Use when the user wants to interact with SuperSaaS data.

0· 73·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (SuperSaaS integration) match the instructions: all steps and examples use the Membrane CLI to list, run, and proxy SuperSaaS API calls. No unrelated services or credentials are requested.
Instruction Scope
SKILL.md limits instructions to installing and using the Membrane CLI, creating connections, listing/running actions, and proxying requests to SuperSaaS. It does not instruct reading arbitrary local files, environment variables, or sending data to unexpected endpoints.
Install Mechanism
The skill is instruction-only and asks users to run `npm install -g @membranehq/cli`. That is a normal way to obtain the Membrane CLI, but installing a global npm package executes third-party code on the system — users should verify the package and source before installing. There is no automated download/install baked into the skill.
Credentials
The skill declares no required environment variables, credentials, or config paths. Authentication is delegated to Membrane's browser-based flow. Requested access is proportional to the stated purpose.
Persistence & Privilege
The skill is not always-on and does not request elevated platform privileges. It's an instruction-only skill that relies on the Membrane CLI and user-initiated auth flows.
Assessment
This skill appears to do what it claims: it instructs you to install and use the Membrane CLI to manage SuperSaaS data. Before installing or using it: 1) Verify the @membranehq/cli npm package (check the npm page, repository, and recent publisher activity) because global npm installs run third-party code on your machine. 2) Review the permissions/scopes when you authenticate via the browser — the Membrane connector will request access to your SuperSaaS account. 3) If you operate in a locked-down or headless environment, follow the documented headless flow carefully and avoid pasting sensitive credentials into untrusted consoles. 4) If you prefer not to install global tools, consider running the CLI in an isolated environment (container/VM) or use an account with minimal privileges. Overall, nothing in the skill appears disproportionate or unexpected.

Like a lobster shell, security has layers — review code before you run it.

latestvk977n1cnxwtyfhzfaad594ydr9842c24

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments