ClawHub

Toast

v1.0.2

Toast integration. Manage data, records, and automate workflows. Use when the user wants to interact with Toast data.

0· 88·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description say 'Toast integration' and all runtime instructions are about using the Membrane CLI to connect to Toast, discover actions, run actions, and proxy API requests — these are coherent and expected.
Instruction Scope
SKILL.md stays focused on using membrane to authenticate, list/connect connectors, run actions, and proxy Toast endpoints. It does not instruct reading unrelated files or environment variables. One operational note: proxying arbitrary Toast endpoints routes request payloads through Membrane (including whatever data you send), so the user must trust Membrane with any sensitive data they include.
Install Mechanism
No install spec in the skill bundle (instruction-only). The doc instructs users to install the Membrane CLI via npm (npm install -g) and shows npx usage. This is a normal way to run a CLI, but executing packages via npm/npx runs third-party code — users should verify the package identity and trustworthiness before installing globally or using npx.
Credentials
The skill does not request any environment variables, credentials, or config paths. It explicitly recommends using Membrane connections rather than asking the user for API keys, which is proportionate to the described functionality.
Persistence & Privilege
Flags show no always:true and no special OS or persistence requests. The skill is instruction-only and does not ask to modify other skills or system-wide settings.
Assessment
This skill is an instruction-only guide to using the Membrane CLI to interact with Toast and appears coherent. Before using it, verify the Membrane CLI package (@membranehq/cli) is the official package (check the npm page, GitHub repo, and publisher), avoid blindly running npx/npm global installs from unknown sources, and remember that proxy requests and actions will send your Toast data through Membrane — only use it for data you trust the service to handle. If you need stricter control, consider creating connections yourself in Membrane and inspecting request payloads before sending sensitive information.

Like a lobster shell, security has layers — review code before you run it.

latestvk97425j74a1j1v2jm604gm5yq9842jv5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments