Authenticate Com
v1.0.0Authenticate.com integration. Manage data, records, and automate workflows. Use when the user wants to interact with Authenticate.com data.
⭐ 0· 30·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (Authenticate.com integration) matches the instructions: all commands and flows target Membrane's CLI to connect to Authenticate.com and run or proxy API actions. Nothing in the instructions asks for unrelated cloud credentials or capabilities.
Instruction Scope
Instructions are focused on using the Membrane CLI to discover connections, run actions, and proxy requests. They do require signing into a Membrane account (browser-based login) and sending requests via Membrane's servers, which means user data and API traffic will be routed through Membrane — an expected but important privacy/third-party-network consideration. The SKILL.md also recommends a global npm install, which affects the host environment.
Install Mechanism
There is no platform install spec in the registry (instruction-only), but the README tells users to run `npm install -g @membranehq/cli` (global npm). Installing a global npm package pulls code from the npm registry and may execute install scripts; this is a moderate-risk action compared with instruction-only or well-known system packages. Consider using npx/per-user install if you want less system-wide impact.
Credentials
The skill requests no environment variables, no config paths, and no unrelated credentials. Authentication is handled by Membrane via browser login/connection flows, which is proportionate to the stated purpose of integrating with Authenticate.com.
Persistence & Privilege
always is false and there is no install script or code that would persist configuration beyond the user's Membrane login and connectors. The skill does not request elevated agent privileges or modify other skills.
Assessment
This skill appears to do what it says: it delegates Authenticate.com access to the Membrane service and instructs you to install and use the Membrane CLI. Before installing or using it: 1) Verify you trust Membrane (https://getmembrane.com) and review its privacy/security documentation because identity data and API traffic will be proxied through their service. 2) Inspect the @membranehq/cli package on npm and its GitHub repo (post-install scripts can run on npm installs). Consider using npx or a per-user install rather than a global `-g` install. 3) During connector setup, review the permissions/scopes requested in the browser consent flow so you know what access is being granted. 4) Avoid pasting unrelated secrets into chat or the tool; treat this as routing sensitive identity data through a third party. If you need stronger guarantees, consider using your own direct integration with Authenticate.com's API (with scoped API keys) rather than a third-party proxy.Like a lobster shell, security has layers — review code before you run it.
latestvk973kt6fcsx5gqx00ze0r59cz5849k7c
License
MIT-0
Free to use, modify, and redistribute. No attribution required.