ClawHub

Zencom

v1.0.2

ZEN.COM integration. Manage data, records, and automate workflows. Use when the user wants to interact with ZEN.COM data.

0· 75·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill advertises ZEN.COM integration and instructs the agent to use the Membrane CLI to create connections, list actions, run actions, and proxy requests — all of which are appropriate for integrating with ZEN.COM.
Instruction Scope
Runtime instructions are limited to installing and invoking the @membranehq CLI, performing connection/auth flows, listing and running actions, and proxying API requests. These steps are within scope, but note that proxying means request payloads and responses will transit Membrane's service (so sensitive financial data will be handled by Membrane).
Install Mechanism
The skill is instruction-only (no embedded install spec), but it directs users to install the Membrane CLI via npm install -g @membranehq/cli (or use npx). Installing a global npm package modifies the host environment; the package is namespaced (@membranehq) which is expected, but users should verify package provenance (e.g., npm page, maintainers) before installing.
Credentials
The skill declares no required environment variables or credentials and relies on Membrane's browser-based login/connection flows. That is proportional: credentials are managed by Membrane rather than requested directly by the skill.
Persistence & Privilege
The skill does not request permanent presence (always:false), does not modify other skills or system settings, and has no config path requirements.
Assessment
This skill appears to be what it says: it uses the Membrane CLI to broker ZEN.COM API calls. Before installing or using it, verify the @membranehq CLI package and the Membrane service privacy/security posture (requests and financial data will transit Membrane). If you prefer not to install a global npm package, use npx to run the CLI. When creating connections, review the permissions/scopes requested by the connector and avoid sending highly sensitive data unless you trust the Membrane endpoint and its operator.

Like a lobster shell, security has layers — review code before you run it.

latestvk971vtt23vk3fjnjcbks6w2e2x842av5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments