ClawHub

Uscreen

v1.0.2

Uscreen integration. Manage data, records, and automate workflows. Use when the user wants to interact with Uscreen data.

0· 107·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description claim Uscreen integration and all runtime instructions are about using the Membrane CLI to connect to Uscreen, list actions, run actions, and proxy requests. Required capabilities (network, Membrane account) match the stated purpose.
Instruction Scope
SKILL.md only instructs installing and using the Membrane CLI, logging in via browser, creating/using connections, listing/running actions, and proxying API calls. It does not instruct reading local files, accessing unrelated environment variables, or exfiltrating data outside of Membrane/Uscreen flows.
Install Mechanism
The skill is instruction-only (no automatic install). It directs the user to run 'npm install -g @membranehq/cli' (and shows npx for one command). Asking users to install a third‑party global npm package is expected for this integration but does require trust in the package and increases local footprint compared with a purely remote API-based skill.
Credentials
No environment variables or local credentials are requested by the skill. Authentication is delegated to Membrane (browser login/OAuth), so users must trust Membrane with their Uscreen credentials/tokens — this is proportionate for the stated purpose but worth noting from a privacy/trust perspective.
Persistence & Privilege
The skill does not request persistent/autonomous privileges (always:false) and does not instruct modifying other skills or system-wide agent settings. It relies on the Membrane service for credential management rather than storing secrets locally.
Assessment
This skill is coherent and appears to do what it says: it tells you to install and use the Membrane CLI to connect to Uscreen. Before installing, consider: 1) you will be installing a third‑party npm CLI globally — review the @membranehq/cli package on npm and the project's GitHub to confirm authenticity and permissions; 2) Membrane will handle and store OAuth credentials/tokens server‑side, so review Membrane's privacy/security documentation and trust boundaries (they will be able to access your Uscreen data via the connection); 3) if you prefer not to install globally, use the npx invocation shown in the docs to avoid a global install; 4) never enter raw Uscreen API keys into unrelated prompts — follow the connection/login flow described. If you want deeper assurance, request the package checksum/source or run the CLI in an isolated environment first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b7rkp30tgahgv63576fykxs843938

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments