ClawHub

Userflow

v1.0.2

Userflow integration. Manage data, records, and automate workflows. Use when the user wants to interact with Userflow data.

0· 67·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill declares it integrates with Userflow and all runtime instructions consistently rely on the Membrane CLI to discover connectors, run actions, and proxy API requests to Userflow. No unrelated services, credentials, or binaries are requested.
Instruction Scope
SKILL.md gives concrete CLI commands (membrane login, connection list, action list/run, membrane request) and does not instruct the agent to read unrelated files, environment variables, or exfiltrate information. It does require network access and interactive browser-based login, which is appropriate for this integration.
Install Mechanism
There is no formal install spec in the skill bundle (instruction-only), but the doc recommends installing @membranehq/cli via npm -g or using npx. This is expected for a CLI-driven integration; installing global npm packages modifies the host environment and may require elevated permissions—users may prefer npx to avoid a global install.
Credentials
The skill requests no environment variables, no secrets, and no config paths. Authentication is delegated to Membrane (browser login / connections), which keeps API keys out of local environment—consistent with the stated guidance.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system-wide modifications. It does not attempt to modify other skills or agent configs. Autonomy (model invocation) is allowed by default, which is normal for skills and not by itself a concern.
Assessment
This skill is coherent: it uses the Membrane CLI to access Userflow and does not ask for local secrets. Before installing or using it, consider: (1) Membrane will proxy your requests and handle credentials server-side—review Membrane's privacy/security docs and whether you trust that service to see proxied data. (2) The docs recommend npm -g install which writes a global binary; use npx @membranehq/cli@latest if you prefer not to install globally. (3) Expect an interactive browser login to create connections—check the scopes and permissions you grant during that auth flow. (4) If you want lower risk from autonomous agent actions, restrict the agent's ability to call skills automatically or review actions before they run. If you need more assurance, inspect the Membrane CLI source repository and the connector implementation for Userflow before proceeding.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ahf6r5n0ttecz08b70jzwrs842fef

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments