Zeit
v1.0.2ZEIT integration. Manage data, records, and automate workflows. Use when the user wants to interact with ZEIT data.
⭐ 0· 74·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (ZEIT/Vercel integration) align with the instructions: the SKILL.md consistently describes using the Membrane CLI to connect to Vercel and run actions/requests. There are no unrelated environment variables, binaries, or config paths requested.
Instruction Scope
Instructions are scoped to installing/using the Membrane CLI, logging in via browser, creating a connector, listing actions, running actions, and proxying API requests via Membrane. The skill does not instruct reading local files, harvesting environment variables, or modifying unrelated system state.
Install Mechanism
This is an instruction-only skill with no automated install spec, but it tells users to run `npm install -g @membranehq/cli`. Installing a global npm package is expected for a CLI integration but has moderate risk because it runs remote code from the npm registry — this is a user action rather than an automatic install by the platform.
Credentials
The skill requests no environment variables, no primary credential, and no config paths. It explicitly recommends letting Membrane handle credentials rather than collecting API keys locally, which is proportionate to its purpose.
Persistence & Privilege
The skill does not request always:true and does not attempt to change other skills or system-wide settings. Normal autonomous invocation is allowed (platform default).
Assessment
This skill appears internally consistent, but note it relies on a third-party service (Membrane). Before installing: (1) Decide whether you trust Membrane to mediate access to your Vercel account — connections grant Membrane access to your Vercel data. (2) The SKILL instructs you to install an npm package globally; verify the package (@membranehq/cli) and consider running via `npx` or in an isolated environment if you prefer not to install global binaries. (3) During setup you'll authenticate in a browser; review connection scopes and revoke access if you later want to remove it. (4) Avoid pasting sensitive tokens into prompts — the skill advises against asking for API keys (good). If you want higher assurance, review Membrane's privacy/security docs or create a least-privilege service account for the connector.Like a lobster shell, security has layers — review code before you run it.
latestvk9790ayf88jp5mvc2kva8fm2th842kfw
License
MIT-0
Free to use, modify, and redistribute. No attribution required.