ClawHub

Transistorfm

v1.0.0

Transistor.fm integration. Manage data, records, and automate workflows. Use when the user wants to interact with Transistor.fm data.

0· 56·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name and description (Transistor.fm integration) match the instructions: it guides the user to install and use the Membrane CLI to connect to Transistor.fm. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Instructions are limited to installing and using the Membrane CLI, creating connections, listing actions, running actions, and proxying requests via Membrane. This is in-scope, but note that API requests and credentials are proxied through Membrane's service (the user must trust that service and its auth model). The instructions do not ask the agent to read local files, environment variables, or unrelated system state.
Install Mechanism
Install uses npm (npm install -g @membranehq/cli) or npx. This is a standard public-registry install (moderate risk compared with no-install), so verify the package name and publisher before global installation; no obscure downloads or archives are used.
Credentials
No environment variables or local secrets are requested by the skill. It explicitly instructs users not to provide API keys and to let Membrane handle credentials, which aligns with the stated design.
Persistence & Privilege
The skill is instruction-only, does not request always:true, and does not modify other skills or system-wide configs. It is user-invocable and can be invoked autonomously (platform default), which is expected.
Assessment
This skill is coherent: it simply instructs use of the Membrane CLI to talk to Transistor.fm and does not ask for local secrets. Before installing: (1) verify the npm package (@membranehq/cli) and its publisher on the npm registry, (2) review Membrane's privacy/security docs because API calls and auth are proxied through their service, (3) prefer using npx or a container if you avoid global npm installs, and (4) during connector auth, check the permissions/scopes the connector requests. If you are in a high-security environment, confirm that routing podcast data through Membrane is acceptable to your organization.

Like a lobster shell, security has layers — review code before you run it.

latestvk9724y5y1h0xmcrem3gxj4cr3x84aqt4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments