Waiverforever
v1.0.0WaiverForever integration. Manage data, records, and automate workflows. Use when the user wants to interact with WaiverForever data.
⭐ 0· 31·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill declares WaiverForever integration and all runtime instructions use the Membrane CLI and a Membrane account to connect and proxy to WaiverForever. Asking the user to install the Membrane CLI and sign in to Membrane is coherent with the stated purpose.
Instruction Scope
SKILL.md confines actions to installing or invoking the Membrane CLI, performing browser-based login, creating a connector/connection, listing/running actions, and proxying API requests through Membrane. It does not instruct reading local files or unrelated env vars. Important note: all requests and credentials are handled by Membrane’s servers, so API traffic and any WaiverForever data will be routed to the third-party Membrane service (getmembrane.com).
Install Mechanism
No built-in install spec is present; runtime instructions ask the user to run `npm install -g @membranehq/cli` (a public npm package) and also show `npx @membranehq/cli@latest` in examples. This is reasonable for a CLI integration but has the usual npm-global risks (requires elevated write access, modifies system PATH). Consider using npx or inspecting the package/repo before global install.
Credentials
The skill declares no required env vars or local credentials and explicitly instructs not to ask users for API keys. Authentication is delegated to Membrane (server-side), which is proportionate to the integration; however, that means Membrane will store/handle auth tokens for WaiverForever on the user's behalf.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and has no declared config-path requirements. The only persistent change a user may make is installing the Membrane CLI (optional/global). Agent autonomous invocation remains allowed (platform default) but is not combined with other concerning privileges.
Assessment
This skill is coherent: it uses Membrane as a proxy/connector to talk to WaiverForever. Before installing, verify you trust Membrane (getmembrane.com) because requests and auth tokens will be handled by their service. Review the @membranehq/cli package and repository (or prefer using npx to avoid a global install). Check what scopes/permissions are granted during the connector login, and ensure routing your WaiverForever data through a third-party proxy meets your privacy/compliance needs. If you need stricter local control, consider using WaiverForever’s API directly rather than a third-party proxy.Like a lobster shell, security has layers — review code before you run it.
latestvk97et52xa89pm2kq11cz0vfcg9846nec
License
MIT-0
Free to use, modify, and redistribute. No attribution required.