Trueconf
v1.0.0TrueConf integration. Manage data, records, and automate workflows. Use when the user wants to interact with TrueConf data.
⭐ 0· 49·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name and description describe a TrueConf integration and all declared actions revolve around using the Membrane CLI to connect to TrueConf and run proxied API calls; nothing requested (no env vars, no config paths) appears unrelated to that purpose.
Instruction Scope
SKILL.md only instructs installing and using the Membrane CLI (login, connect, list actions, run actions, proxy requests). It does not direct the agent to read unrelated files, harvest environment variables, or exfiltrate data to unexpected endpoints. It explicitly advises not to ask users for API keys.
Install Mechanism
There is no formal install spec in the registry; the documentation instructs users to install @membranehq/cli via npm (global) or use npx. Installing a public npm package is a reasonable, expected mechanism for a CLI, but global npm installs modify the host environment—consider using npx or auditing the package source before a global install.
Credentials
The skill declares no required environment variables or credentials. It relies on a Membrane account and the Membrane service to handle auth; that is proportionate to the stated functionality, but it does introduce a trust dependency on Membrane's handling of credentials.
Persistence & Privilege
always is false and the skill is user-invocable (normal). It does not request persistent system privileges or modify other skills or system settings.
Assessment
This skill appears coherent: it simply instructs the agent to use the Membrane CLI to manage TrueConf resources. Before installing, consider the following: 1) Use npx instead of npm -g to avoid adding global binaries, or review the @membranehq/cli source on GitHub and the package on npm to verify legitimacy. 2) Understand that Membrane will hold and manage your TrueConf credentials—only proceed if you trust that service and its privacy/security practices. 3) When authenticating in a browser, confirm the redirect/authorization page is for Membrane/TrueConf and that requested scopes match what you expect. 4) If you have strict environment policies, test commands in a contained environment first (e.g., a VM or container).Like a lobster shell, security has layers — review code before you run it.
latestvk97d6ge4nmeeks9xjmcbfadrh984cy9q
License
MIT-0
Free to use, modify, and redistribute. No attribution required.