ClawHub

Webexpenses

v1.0.0

Webexpenses integration. Manage data, records, and automate workflows. Use when the user wants to interact with Webexpenses data.

0· 50·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description say 'Webexpenses integration' and all runtime instructions are about discovering connectors/actions and proxying requests to Webexpenses via the Membrane CLI — this is coherent with the stated purpose.
Instruction Scope
The SKILL.md instructs running the Membrane CLI (login, connect, action list/run, request proxy). It does not ask to read unrelated files or environment variables. Note: the proxy capability lets you send arbitrary API requests to Webexpenses via Membrane (expected for an integration, but be aware those requests and credentials are handled server-side by Membrane).
Install Mechanism
This is an instruction-only skill (no install spec). It tells users to install @membranehq/cli globally via npm (public registry). That is expected for a CLI-based integration but carries the usual risk of installing third-party npm packages — the skill itself does not embed or download arbitrary code.
Credentials
The skill declares no required env vars or credentials and explicitly instructs not to ask users for API keys, relying on Membrane for auth. The requested capabilities and auth behavior are proportional to the integration's purpose.
Persistence & Privilege
The skill does not request always-on presence and leaves autonomous invocation enabled (platform default). It does not instruct modifying other skills or system-wide configs.
Assessment
This skill is coherent: it expects you to install and use the Membrane CLI to connect to Webexpenses, and Membrane will handle authentication server-side. Before installing, verify you trust the Membrane project and its npm package (@membranehq/cli) because installing global npm packages runs third‑party code on your machine. Also be aware that proxying requests via Membrane means Membrane will see request payloads and manage tokens — ensure this is acceptable for your data sensitivity and organizational policies.

Like a lobster shell, security has layers — review code before you run it.

latestvk97avx7kt398rrzfd9fnmhh0vh84bxkn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments