ClawHub

Amazon Eventbridge

v1.0.0

Amazon EventBridge integration. Manage data, records, and automate workflows. Use when the user wants to interact with Amazon EventBridge data.

0· 51·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims to integrate with Amazon EventBridge and its SKILL.md shows only Membrane-mediated CLI interactions and proxying to EventBridge. Requiring the Membrane CLI and a Membrane account is consistent with that purpose; there are no unrelated credential requests or opaque capabilities.
Instruction Scope
Instructions stay on-topic: install/use @membranehq/cli, login, create/connect a connector, list actions, run actions, or proxy requests. The SKILL.md does not instruct reading unrelated files, harvesting environment variables, or exfiltrating data to unexpected endpoints beyond Membrane's services.
Install Mechanism
The skill is instruction-only (no install spec in registry), but it tells users to install the Membrane CLI globally via npm (npm install -g @membranehq/cli). Global npm installs are common but modify the user's environment and pull code from the public npm registry — this is a reasonable choice for a CLI but is a trust decision and a moderate supply-chain risk compared to no install.
Credentials
The skill requests no local env vars or secrets, which is proportionate. However, it explicitly delegates credential management to Membrane: by creating a connection you will be authorizing a third-party service (Membrane) to hold/refresh AWS credentials and to proxy API requests. That is expected for this design but has privacy/security implications the user must accept.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and is user-invocable only. It does not request persistent system-wide privileges beyond recommending a CLI install that the user performs.
Assessment
This skill is coherent: it delegates EventBridge operations to Membrane and instructs installing the @membranehq/cli. Before installing or using it, confirm you trust Membrane (getmembrane.com): creating a connector means Membrane will handle and see your AWS EventBridge credentials and proxied requests. Prefer least-privilege IAM perms for the connector, review Membrane's privacy/TOS, and verify the npm package (@membranehq/cli) on npmjs.com or its GitHub repo before running a global install. If you prefer to keep credentials under your control, consider using the official AWS CLI/SDK instead of a third-party proxy. Finally, when possible use npx or a local install to avoid global npm changes and inspect the CLI code if you have security concerns.

Like a lobster shell, security has layers — review code before you run it.

latestvk978n7n6bthy449bkq5bkasddn84bkt0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments