ClawHub

Trint

v1.0.2

Trint integration. Manage data, records, and automate workflows. Use when the user wants to interact with Trint data.

0· 77·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill description (Trint integration) matches the instructions: all actions are performed via the Membrane CLI which proxies to Trint. No unrelated services, binaries, or environment variables are requested.
Instruction Scope
SKILL.md limits runtime behavior to installing/using the Membrane CLI, logging in, creating a Trint connection, listing and running actions, and proxying requests to the Trint API. It does not instruct reading unrelated files, environment variables, or system paths.
Install Mechanism
The skill is instruction-only (no automatic install). It tells the user to install a public npm package (@membranehq/cli) globally. This is expected for a CLI-based integration but carries the usual cautions about installing third-party npm packages globally and running CLI tools that will handle authentication.
Credentials
No environment variables, secrets, or config paths are requested. The SKILL.md explicitly recommends letting Membrane manage credentials server-side, which aligns with the skill's purpose.
Persistence & Privilege
The skill is not always-enabled and is user-invocable. It does not request elevated platform privileges or modification of other skills' configs. Autonomous invocation is allowed by default but not accompanied by other concerning privileges.
Assessment
This skill is internally consistent: it relies on the Membrane CLI to authenticate and proxy requests to Trint rather than asking for API keys locally. Before installing or using it: (1) verify you trust the @membranehq/cli npm package and the getmembrane.com service (review their npm/GitHub repo and privacy/security docs), (2) avoid running global npm installs as root where possible (use npx or a local install in restricted environments), (3) be aware that Membrane will hold and use credentials to access your Trint data via the connector—review what permissions you grant during the connect/login flow, and (4) if you need higher assurance, inspect the CLI source or use a dedicated account with limited permissions for integration testing. The skill itself does not request unrelated secrets or system access.

Like a lobster shell, security has layers — review code before you run it.

latestvk976pz1xxjt05ar2peht9jqh0n8439gs

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments