ClawHub

Wildapricot

v1.0.0

WildApricot integration. Manage data, records, and automate workflows. Use when the user wants to interact with WildApricot data.

0· 30·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (WildApricot integration) align with the instructions: all runtime actions are performed via the Membrane CLI which proxies to WildApricot. The skill does not request unrelated credentials or OS access.
Instruction Scope
SKILL.md stays within scope: it instructs how to install and use the Membrane CLI, create connections, list/run actions, and proxy raw requests. It does not instruct reading arbitrary files, harvesting environment variables, or sending data to unknown endpoints beyond Membrane/WildApricot.
Install Mechanism
This is an instruction‑only skill (no install spec), but it recommends installing @membranehq/cli via npm (or using npx). Installing a global npm package executes third‑party code — a normal but nontrivial trust decision. The recommendation is expected for this integration but worth attention.
Credentials
No environment variables or local secrets are requested, which is proportionate. However, the approach centralizes authentication with Membrane (you create a Membrane account and complete browser auth), so WildApricot credentials and token refreshes are handled server‑side by Membrane — you must trust that service with access to your WildApricot data.
Persistence & Privilege
The skill does not request 'always' presence, does not modify other skills, and has no install hooks. Autonomous invocation is allowed by default (normal for skills) and is not combined with other concerning privileges.
Assessment
This skill is internally consistent: it uses the Membrane CLI to access WildApricot and requires a Membrane account. Before installing or following the instructions, consider: 1) You will likely install or run code from npm (@membranehq/cli); installing global npm packages runs third‑party code — prefer npx if you want to avoid a global install. 2) Membrane will broker authentication and hold tokens server‑side — review Membrane's privacy/security practices since it will be able to access your WildApricot data. 3) The skill does not ask for local secrets or unrelated credentials, and it does not instruct reading system files. If you trust Membrane and are comfortable running the CLI, the integration is appropriate. If you prefer not to trust a third party with credentials, use a direct WildApricot integration that you control.

Like a lobster shell, security has layers — review code before you run it.

latestvk97886m33s15ta0z2rh9gy55ys8470rn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments