ClawHub

Zitadel

v1.0.0

ZITADEL integration. Manage data, records, and automate workflows. Use when the user wants to interact with ZITADEL data.

0· 51·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The SKILL.md clearly targets ZITADEL via the Membrane platform and instructs the agent to use the 'membrane' CLI. However, the registry metadata lists no required binaries while the runtime instructions require installation/use of the Membrane CLI (npm @membranehq/cli). This is an internal inconsistency but consistent with the stated purpose.
Instruction Scope
Instructions are scoped to installing/using Membrane CLI, creating connections, listing actions, running actions, and proxying requests to the ZITADEL API via Membrane. The skill does not instruct reading arbitrary local files or unrelated environment variables. Proxying requests to ZITADEL via Membrane is expected for this integration.
Install Mechanism
There is no formal install spec in the registry (instruction-only), but SKILL.md instructs users to run 'npm install -g @membranehq/cli' or use npx. Installing global npm packages runs code from the npm registry and can execute install scripts, so users should verify the package origin and trustworthiness before installing globally.
Credentials
No environment variables, secrets, or config paths are requested by the skill. Authentication is delegated to Membrane and a Membrane account/browser-based login, which is proportionate for a connector-based integration.
Persistence & Privilege
always is false and the skill does not request persistent/privileged presence. Autonomous invocation is allowed (platform default) but not combined with other concerning flags.
Assessment
This skill is instruction-only and uses the Membrane CLI to access ZITADEL. Before installing or running commands: 1) verify the @membranehq/cli package and its publisher (check npm/GitHub, reviews, and package source) rather than blindly running npm -g; 2) understand that using Membrane means a third-party service will broker API requests to ZITADEL—review Membrane's security/privacy docs and your organization's policy; 3) prefer using npx or a container/virtual environment instead of a global install if you want lower host impact; 4) do not share raw ZITADEL API keys locally (the skill advises creating a Membrane connection instead). If you need stricter guarantees, request a formal install spec and confirmation that the connector IDs and endpoints map to official Membrane/ZITADEL locations.

Like a lobster shell, security has layers — review code before you run it.

latestvk975fqdhffp3w9jnn4p9awg85x84f5td

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments