ClawHub

Tisane Labs

v1.0.0

Tisane Labs integration. Manage data, records, and automate workflows. Use when the user wants to interact with Tisane Labs data.

0· 30·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the instructions: the skill delegates communication to the Membrane CLI and Membrane proxy to access Tisane Labs. There are no unrelated required env vars, binaries, or config paths that don't belong to a connector-based integration.
Instruction Scope
SKILL.md only instructs installing and using the @membranehq/cli, running membrane login/connect/action/request commands, and using Membrane to proxy to Tisane. It does not ask the agent to read arbitrary files, harvest unrelated environment variables, or transmit data to unexpected endpoints outside the Membrane/Tisane flow.
Install Mechanism
There is no registry install spec; the README recommends running `npm install -g @membranehq/cli`. That is a public npm package (moderate-risk install). Because the skill is instruction-only, nothing is automatically downloaded, but users/agents following the instructions would install a global npm package — verify package authenticity/maintainer and consider the implications of installing global CLIs.
Credentials
The skill declares no required env vars or secrets and explicitly advises letting Membrane handle credentials. Requesting no local credentials is proportionate. Note: Membrane will hold/relay the auth for Tisane, so trust in that service is required.
Persistence & Privilege
always:false (default), and the skill does not request persistent system-wide changes or access to other skills' configs. Autonomous invocation (model-invocation enabled) is normal but not excessive here.
Assessment
This skill appears coherent and limited to using the Membrane CLI to reach Tisane Labs, but before installing or using it you should: 1) Verify the @membranehq/cli package and its repository (owner, recent commits, npm publisher) to ensure you trust the code you may install globally; 2) Review Membrane's privacy/security policy (getmembrane.com) because Membrane will hold and proxy your Tisane credentials and traffic; 3) Be aware that membrane login opens a browser to grant access — treat that OAuth flow like granting any third-party access; 4) If you dislike installing a global npm CLI or giving an agent the ability to run CLI commands autonomously, run the commands manually instead of granting automated invocation; and 5) In headless or CI environments follow the documented headless-login flow and avoid pasting secrets into untrusted environments.

Like a lobster shell, security has layers — review code before you run it.

latestvk97amm604e16vn4vzd435mdke984689h

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments