ClawHub

Tellmoney

v1.0.2

Tell.money integration. Manage data, records, and automate workflows. Use when the user wants to interact with Tell.money data.

0· 47·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the runtime instructions: the SKILL.md exclusively describes using the Membrane CLI to interact with Tell.money. There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
The SKILL.md only instructs installing and using the Membrane CLI, logging in, creating connections, listing actions, running actions, and proxying requests to Tell.money. It does not direct the agent to read arbitrary files, harvest unrelated environment variables, or send data to third-party endpoints beyond Membrane/Tell.money.
Install Mechanism
The skill is instruction-only (no install spec). It recommends installing @membranehq/cli via npm -g or using npx. Recommending a global npm install is reasonable but has typical local privilege/attack-surface implications if you run it — using npx is lower-friction and avoids a global install.
Credentials
No environment variables or credentials are declared or required. The documentation explicitly states Membrane handles auth, which aligns with the lack of required local secrets.
Persistence & Privilege
Skill metadata does not request always:true and does not require modifying other skills or system-wide config. Normal autonomous invocation settings are unchanged.
Assessment
This skill appears coherent and limited to using the Membrane CLI to access Tell.money. Before installing/running anything: (1) verify you trust Membrane (@membranehq) and the homepage/repository links; (2) prefer running with npx rather than installing a global npm package if you want to avoid changing system-wide binaries; (3) be aware that 'membrane login' opens a browser and will establish credentials for the CLI (tokens may be stored locally or managed by Membrane); (4) review what specific Membrane connector/actions you grant access to, since those actions can read/manage financial data; and (5) if you need a higher assurance level, inspect the Membrane CLI source or official docs to confirm how credentials and proxying are handled.

Like a lobster shell, security has layers — review code before you run it.

latestvk9750qzm7xfs70133km6kmyhj98434y6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments