ClawHub

Uipath

v1.0.0

UiPath integration. Manage data, records, and automate workflows. Use when the user wants to interact with UiPath data.

0· 58·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description (UiPath integration) match the instructions: all steps show how to discover/connect/run UiPath actions via the Membrane CLI and proxy. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md stays on topic: it instructs installing the Membrane CLI, logging in, creating a connection, listing actions, running actions, and proxying requests. It does not ask the agent to read arbitrary files, pull unrelated environment variables, or exfiltrate data to unexpected endpoints. It does rely on browser-based auth and Membrane to handle credentials.
Install Mechanism
The skill instructs installing @membranehq/cli via npm (global install). Using an npm package is expected for a CLI integration but carries the usual supply‑chain considerations: global installs modify the user environment and execute code from the public registry. Consider using npx or reviewing the package before installing.
Credentials
No environment variables, local config paths, or unrelated credentials are requested. The SKILL.md explicitly says to let Membrane manage API keys and auth server-side; that is coherent for this integration.
Persistence & Privilege
The skill is instruction-only and does not request 'always' presence or agent-level privileges. It asks users to install a CLI on their system (user-level persistence), which is expected for this type of integration.
Assessment
This skill appears to do what it claims: it uses the Membrane CLI to connect to UiPath and proxy API calls. Before installing: (1) Understand that Membrane (a third party) will see and manage the UiPath credentials and proxied requests — review Membrane’s privacy/security documentation and the referenced GitHub repo and npm package. (2) Prefer running with npx or reviewing @membranehq/cli’s source and permissions rather than blindly doing a global npm install. (3) Limit connector scopes in UiPath where possible and avoid using this in environments with high-sensitivity secrets unless you trust Membrane. (4) Because this skill is instruction-only, the platform scanner had no local code to analyze — verify the upstream package and repository if you need stronger assurance.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bnd25fjgqqhewsdz0ph3p9d845fvy

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments