ClawHub

Veriphone

v1.0.0

Veriphone integration. Manage data, records, and automate workflows. Use when the user wants to interact with Veriphone data.

0· 47·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the SKILL.md consistently describes interacting with Veriphone via the Membrane platform and shows how to discover/connect/run actions. It does not request unrelated credentials or access beyond the stated purpose.
Instruction Scope
Runtime instructions are limited to installing/using the Membrane CLI, creating a Membrane connection, listing actions, running actions, and optionally proxying requests to Veriphone through Membrane. The instructions do not ask the agent to read local files, environment variables, or system config unrelated to the integration.
Install Mechanism
There is no formal install spec in the skill bundle (instruction-only). The SKILL.md recommends installing a global npm package (npm install -g @membranehq/cli). Recommending installation of a third-party global CLI is reasonable for this integration, but installing global npm packages carries the usual provenance/trust risks (verify package ownership and npm listing before installing).
Credentials
The skill declares no required environment variables, no primary credential, and no config paths. It delegates auth to Membrane (which it explicitly recommends), so the absence of local secrets is proportionate to its stated design.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system-wide settings, and is user-invocable only. Nothing in the instructions demands permanent agent presence or elevated platform privileges.
Assessment
This skill is coherent: it expects you to use the Membrane CLI to access Veriphone and does not ask for local API keys. Before installing or using it, verify the Membrane CLI package on the npm registry and the vendor site (https://getmembrane.com) to ensure you trust the publisher. Installing a global npm CLI grants that package filesystem/execution privileges on your machine—review its npm page and source if possible. Also be aware that creating a Membrane connection delegates access to that external service (Membrane will hold credentials and can proxy API calls); only create connections you trust and limit the permissions granted to the connector. If you need stronger assurance, inspect the Membrane CLI source or run it in an isolated environment before using it with production accounts.

Like a lobster shell, security has layers — review code before you run it.

latestvk970yzfnmsgdr1rtmdjxwmp92s84a61h

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments