Xendit

v1.0.0

Xendit integration. Manage data, records, and automate workflows. Use when the user wants to interact with Xendit data.

⭐ 0· 33·0 current·0 all-time

byVlad Ursul@gora050

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

The name/description (Xendit integration) match the instructions (use Membrane CLI to create a connection, list actions, run actions, or proxy requests to Xendit). There are no unrelated environment variables, binaries, or config paths requested, so required capabilities are proportionate to the stated purpose.

✓

Instruction Scope

SKILL.md confines runtime behavior to installing/using the Membrane CLI, logging in via browser, creating/listing connections, enumerating and running actions, and proxying requests to Xendit. It explicitly tells the agent not to ask users for API keys. The instructions do not ask the agent to read arbitrary files, secrets, or unrelated system state.

ℹ

Install Mechanism

The skill is instruction-only (no install spec). It recommends installing the public npm package @membranehq/cli (or using npx). Installing npm packages is expected for a CLI-driven integration, but installing global npm packages runs third-party code on the host — verify the package/source before installing. This is an expected tradeoff, not an inconsistency.

✓

Credentials

The skill declares no required env vars, credentials, or config paths. It requires a Membrane account (server-side) and network access, which is reasonable because Membrane is used to manage Xendit auth. No unrelated secret access is requested.

✓

Persistence & Privilege

The skill is not always-included and does not request elevated persistence. It is user-invocable and allows normal autonomous invocation (platform default). Nothing in the skill attempts to modify other skills or system-wide agent settings.

Assessment

This skill appears to do what it says: use the Membrane CLI to talk to Xendit. Before installing or using it, verify the Membrane CLI package and homepage (getmembrane.com and the referenced GitHub repo) are legitimate. Prefer npx if you want to avoid a global npm install. Understand that authentication is handled by Membrane servers — you are granting Membrane a connection to your Xendit account, so ensure you trust that service and use least-privilege credentials where possible. If you have strict supply-chain requirements, review the @membranehq/cli package source and consider running npm audit or installing in an isolated environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk977ptsgc8fwkc1xqm05w0qrzn847pmd

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Xendit

License

Comments