ClawHub

Warp

v1.0.0

Warp integration. Manage data, records, and automate workflows. Use when the user wants to interact with Warp data.

0· 55·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill declares a Warp integration and all runtime instructions use the Membrane CLI and Membrane connectors to access Warp. It does not ask for unrelated services, binaries, or secrets, so the requested capabilities match the stated purpose.
Instruction Scope
SKILL.md tells the agent to install/use the Membrane CLI, run login in a browser, create/connect connectors, list/run actions, and proxy API requests via Membrane. These steps stay within the integration's scope and do not instruct the agent to read unrelated files, environment variables, or exfiltrate data.
Install Mechanism
This is an instruction-only skill (no install spec). It recommends the user install @membranehq/cli via npm (a standard, user-initiated action). The skill does not include automatic downloads, extract steps, or obscure URLs.
Credentials
No environment variables, config paths, or credentials are required by the skill itself. Authentication is handled by Membrane via browser OAuth/connector flows; that is proportionate to the stated goal. Note: granting a Membrane connection gives Membrane access to the Warp data the connector permits.
Persistence & Privilege
The skill does not request always:true or persistent system-level configuration and has no install-time persistence. It is user-invocable and allows normal autonomous invocation (platform default), which is expected for skills.
Assessment
This skill is coherent and appears to do what it claims, but before installing: (1) Verify you trust Membrane (https://getmembrane.com) and review the OAuth/connector scopes — Membrane will proxy requests and will have access to any Warp data you authorize. (2) Installing a global npm CLI is a user action; prefer installing in an isolated environment or container if you have security concerns. (3) Do not provide API keys locally — follow the connector OAuth flow as documented. (4) If you want to limit risk, keep the skill user-invocable only (do not enable autonomous invocation) or audit the specific connector/action IDs and the data they will access before running actions.

Like a lobster shell, security has layers — review code before you run it.

latestvk9719mtzyy257k8zjwdyzqchx184cxbr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments