Abuselpdb
v1.0.2AbuselPDB integration. Manage data, records, and automate workflows. Use when the user wants to interact with AbuselPDB data.
⭐ 0· 99·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description (AbuselPDB/AbuseIPDB) and SKILL.md consistently describe a connector for AbuseIPDB using the Membrane platform. The actions and proxy usage described fit the purpose of querying/reporting IPs. Minor naming/typo inconsistencies (Abuselpdb vs AbuseIPDB) and an unknown registry source are noted but do not indicate functional mismatch.
Instruction Scope
All runtime instructions stay within the stated scope: install the Membrane CLI, perform login via browser, create/list connections, list/run actions, or proxy requests to the AbuseIPDB API. The instructions do not ask the agent to read unrelated local files or giveaway environment variables. They do direct network traffic to Membrane (expected for this design).
Install Mechanism
The skill itself has no install spec (instruction-only), which is low-risk for static code. However, the runtime instructions tell the user to run `npm install -g @membranehq/cli` — a global npm install from the public registry. That is a normal step for this integration but does require downloading and executing third-party code and elevated privileges on some systems, so users should verify the package and publisher before installing.
Credentials
No environment variables, local config paths, or credentials are required by the skill; the SKILL.md explicitly states Membrane handles auth server-side and that users should not supply API keys. This is proportionate to a connector-style integration. Note: using Membrane means credentials and proxied requests are handled by Membrane's service, so trust in that service is required.
Persistence & Privilege
The skill does not request always:true, does not include installers that persist files, and is user-invocable only. It can be invoked autonomously (platform default), which is normal; there is no evidence it requires elevated or persistent privileges on the host.
Assessment
This skill appears to do what it says: it uses Membrane to access AbuseIPDB actions. Before installing/using it: 1) verify the Membrane CLI package (@membranehq/cli) is legitimate (check the npm page and the GitHub repo referenced) because `npm install -g` downloads and runs third-party code and may require elevated privileges; 2) understand that requests and authentication are proxied through Membrane’s service—review Membrane's privacy/security and terms since they will handle your connector credentials and proxied data; 3) note the naming/typo inconsistency (Abuselpdb vs AbuseIPDB) and confirm you’re connecting to the intended AbuseIPDB connector and not a similarly named one; 4) if unsure, run the CLI in a sandbox or isolated environment before giving it access to production data. Overall the skill is internally coherent, but trust in the external Membrane service and npm package is the main risk to verify.Like a lobster shell, security has layers — review code before you run it.
latestvk97crsf2bpzy58j3fkdfkcq6g1843nht
License
MIT-0
Free to use, modify, and redistribute. No attribution required.