ClawHub

Aspireiq

v1.0.0

AspireIQ integration. Manage data, records, and automate workflows. Use when the user wants to interact with AspireIQ data.

0· 28·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description say 'AspireIQ integration' and the instructions use the Membrane CLI to connect to AspireIQ connectors and run actions — this aligns with the stated purpose.
Instruction Scope
SKILL.md instructs the agent to install/run the Membrane CLI, authenticate via browser (or headless flow), list/connect actions, and run actions with JSON input. It does not instruct reading unrelated files, environment variables, or sending data to unexpected endpoints beyond the Membrane/AspireIQ flows.
Install Mechanism
The install instructions use npm (npm install -g @membranehq/cli) and examples with npx. Installing a global npm CLI is expected for this workflow but carries the usual risk of running third‑party code; the package comes from the public npm ecosystem rather than an opaque URL.
Credentials
The skill does not declare or require environment variables, credentials, or config paths. Authentication is handled interactively via the Membrane CLI/browser flow, which is appropriate for connector access.
Persistence & Privilege
always is false (no forced inclusion) and the skill is instruction-only — it does not request permanent agent-level privileges or modification of other skills' configs.
Assessment
This skill relies on the Membrane CLI to access AspireIQ, which is coherent with the stated purpose. Before installing, verify you trust the @membranehq/cli npm package and the getmembrane.com project (review the npm package page and the GitHub repo referenced). Use a least-privilege account for connector authentication (or a test account) because the CLI will be able to access platform data once authenticated. Installing a global npm package runs third‑party code on your machine — consider using a container or isolated environment if you are concerned. Finally, confirm any data the CLI sends/receives is acceptable for your privacy/compliance needs.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b6m1t82rw68t24kqek8fd1d846sd0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments