Tyntec
v1.0.0Tyntec integration. Manage data, records, and automate workflows. Use when the user wants to interact with Tyntec data.
⭐ 0· 53·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description claim a Tyntec integration and the SKILL.md consistently describes using the Membrane CLI to connect to Tyntec, run actions, and proxy API requests. No unrelated credentials, binaries, or paths are requested.
Instruction Scope
Instructions are limited to installing/running the Membrane CLI, logging in, creating connections, listing/running actions, and proxying requests to Tyntec. They do not instruct reading arbitrary system files, exfiltrating data to unknown endpoints, or accessing unrelated environment variables.
Install Mechanism
Skill is instruction-only (no packaged install). The README tells users/agents to run `npm install -g @membranehq/cli` or use `npx`, which runs code from the public npm registry — a standard but moderate-risk action (npm packages execute code on install/run). No downloads from arbitrary URLs are suggested.
Credentials
No environment variables or local credentials are requested. The skill explicitly instructs to let Membrane handle auth rather than asking for API keys. Be aware that relying on Membrane means authentication/requests are proxied through Membrane's service (you must trust that service).
Persistence & Privilege
Skill does not request permanent presence (always=false) and has no install-time hooks. It relies on CLI commands run at runtime. Autonomous invocation is allowed (platform default) — not a problem by itself.
Assessment
This skill is coherent: it uses the Membrane CLI to integrate with Tyntec and does not request unrelated credentials. Before installing or using it, consider: 1) npm global install executes code from the public npm registry — review @membranehq/cli on npm and GitHub to confirm you trust it; 2) Membrane will broker auth and proxy API calls, so sensitive messaging data and credentials will transit/ be stored by Membrane — review their privacy/security docs and limit connection scope where possible; 3) the skill will open a browser for login (or require copying a code in headless environments) — ensure you authenticate to the intended tenant; 4) if you need stricter control, verify connector/action IDs and prefer least-privilege connections or alternative direct API usage. Overall the package appears consistent with its stated purpose.Like a lobster shell, security has layers — review code before you run it.
latestvk97cj2d2hsn2r1j9w64x3584yh84cb9w
License
MIT-0
Free to use, modify, and redistribute. No attribution required.