ClawHub

Templated

v1.0.2

Templated integration. Manage data, records, and automate workflows. Use when the user wants to interact with Templated data.

0· 53·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The SKILL.md describes integrating with a third-party service (Templated) via the Membrane platform and only asks the user to install and use the Membrane CLI; these needs align with the skill's stated purpose.
Instruction Scope
Instructions are focused on installing and using the Membrane CLI, creating/using connections, listing and running actions, and proxying requests through Membrane. The instructions do not request unrelated files, system state, or other credentials.
Install Mechanism
No install spec is embedded in the skill (lowest risk). The docs recommend installing @membranehq/cli via 'npm install -g', which is a reasonable and expected mechanism but means running third-party code from npm globally; users should verify the package and prefer scoped installs or virtual environments if they are cautious.
Credentials
The skill declares no environment variables, credentials, or config paths. SKILL.md explicitly advises using Membrane to manage secrets and not asking users for API keys, which is proportionate to the integration.
Persistence & Privilege
The skill is not marked always:true, does not request persistent system privileges, and does not modify other skills. Autonomous invocation is allowed (platform default) but is not combined here with broad privileges.
Assessment
This skill appears coherent and low-risk: it is an instruction-only integration that relies on the Membrane CLI to proxy requests to Templated. Before installing or following the instructions: 1) verify the @membranehq/cli package on npm and the vendor (getmembrane.com) to ensure you trust it; 2) prefer installing CLI tools in a controlled environment (npx, a project-local install, or a container) instead of a global npm install; 3) be mindful of what data you send through the Membrane proxy (don't transmit secrets you don't intend to share) and review any proxy endpoints you call; and 4) if you need stronger assurance, inspect the Membrane CLI source (GitHub repo) and the package's recent publish history before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fh7pb48mnxm4fv4kmhpk7d9843n9v

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments