Budget Insight
v1.0.0Budget Insight integration. Manage data, records, and automate workflows. Use when the user wants to interact with Budget Insight data.
⭐ 0· 31·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The SKILL.md consistently describes interacting with Budget Insight via the Membrane platform/CLI. There are no unexpected credential, binary, or system-level requirements that don't match this purpose.
Instruction Scope
Runtime instructions only tell the agent/operator to install/run the Membrane CLI, perform browser-based login, list/create connections, run actions, and proxy API requests. The instructions do not ask the agent to read arbitrary local files, export environment secrets, or send data to unknown endpoints beyond Membrane/Budget Insight.
Install Mechanism
The doc instructs installing @membranehq/cli via npm (global install). That's a standard mechanism for a CLI but carries normal supply-chain considerations for npm packages; the skill itself has no install spec or code files. Verify the npm package and source before global install (or prefer npx to avoid global side effects).
Credentials
No environment variables or local config paths are required by the skill. Authentication is delegated to Membrane via browser login, which is proportionate to the described integration. Be aware Membrane will hold/refresh credentials server-side when you create a connection.
Persistence & Privilege
always is false, no config paths or persistent modifications are requested by the skill. The skill does not request elevated persistent presence or modification of other skills or system-wide agent settings.
Assessment
This skill is coherent: it delegates auth and API calls to the Membrane CLI/platform rather than asking for raw API keys. Before installing or using it: (1) Verify the @membranehq/cli npm package and the Membrane project (publisher, GitHub repo, and package owner) to avoid installing a malicious package; (2) prefer running with npx or in a controlled environment rather than a global npm -g install if you want to limit system-wide changes; (3) confirm what data and scopes Membrane will access for a Budget Insight connection and read Membrane's privacy/security docs (where credentials are stored, retention, and revocation methods); (4) in headless environments follow the documented login flow carefully and avoid pasting secrets into chat; and (5) if you have concerns, test with a limited/sandbox account and revoke the connection when finished.Like a lobster shell, security has layers — review code before you run it.
latestvk9796zgx2jc6dw5h8q5pbdn18x846vs6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.