Tune
v1.0.0TUNE integration. Manage data, records, and automate workflows. Use when the user wants to interact with TUNE data.
⭐ 0· 68·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (TUNE integration) match the runtime instructions: discover and run TUNE-related actions via the Membrane CLI and use Membrane's proxy. No unrelated services, credentials, or system access are requested.
Instruction Scope
SKILL.md only instructs installing/using the Membrane CLI, authenticating via browser, listing/connecting to connectors, running actions, and proxying requests to TUNE. It does not request reading unrelated files, exfiltrating data, or accessing other system credentials.
Install Mechanism
The skill is instruction-only (no install spec in registry) but tells users to install @membranehq/cli via npm (or use npx). This is expected for a CLI-based integration; users should be aware installing an npm package runs third-party code from the npm registry and will create binaries on disk.
Credentials
No environment variables, credentials, or config paths are required by the skill. The doc explicitly advises letting Membrane manage credentials instead of asking users for API keys, which is appropriate and proportional.
Persistence & Privilege
The skill does not request always:true or other elevated persistence. It is user-invocable and relies on the Membrane service for auth; there is no indication it modifies other skills or system-wide agent settings.
Assessment
This skill is a how-to: it tells the agent to use the Membrane CLI to connect to TUNE and run actions. That is internally consistent. Before installing or running it, consider: (1) the instructions ask you to install @membranehq/cli from npm (or use npx) — installing CLI software runs third-party code, so verify the package provenance (npm page, GitHub repo) and prefer npx for one-off runs if you don't want a global install; (2) authentication uses browser-based flows and Membrane manages credentials server-side — confirm you trust Membrane to handle your TUNE auth and review their privacy/security docs; (3) the Membrane proxy will forward requests to TUNE on your behalf, so avoid pasting unrelated secrets into action inputs; (4) because this is instruction-only, the skill itself doesn't add persistence or request extra system privileges. If you need stronger assurance, inspect the @membranehq/cli source code and the referenced GitHub repository before installation.Like a lobster shell, security has layers — review code before you run it.
latestvk9730pbz9bar2kxa3tmqe6wcd184atxh
License
MIT-0
Free to use, modify, and redistribute. No attribution required.