Builderio
v1.0.2Builder.io integration. Manage data, records, and automate workflows. Use when the user wants to interact with Builder.io data.
⭐ 0· 99·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description say 'Builder.io integration' and the instructions exclusively show how to use the Membrane CLI to connect to Builder.io, list/run actions, and proxy requests — these requirements are coherent with the stated purpose.
Instruction Scope
Instructions are focused on installing and using the Membrane CLI and on creating/using a Builder.io connection. They do not request unrelated files, environment variables, or system-wide credentials. Note: the proxy command allows arbitrary HTTP requests through the Membrane connector, which is expected for this kind of integration but means the connector's permissions should be reviewed before use.
Install Mechanism
The SKILL.md instructs installing a global npm package (npm install -g @membranehq/cli). This is a common mechanism but does install third-party code on the host. No binary downloads or obscure URLs are used; risk is typical for installing an npm CLI tool.
Credentials
The skill declares no required environment variables or credentials and directs users to authenticate via Membrane's browser login flow. It does not ask for unrelated secrets or environment access.
Persistence & Privilege
Skill is instruction-only, has no install spec in the registry, and is not always-enabled. It does not request persistent privileges or modify other skills' configs.
Assessment
This skill is coherent: it uses the Membrane CLI to talk to Builder.io. Before installing and using it: (1) verify you trust the @membranehq/cli npm package and its publisher (review the package page, maintainers, and GitHub repo); (2) be aware npm install -g modifies your system PATH — consider using npx or a local install if you prefer; (3) when creating the Membrane 'connection', review the connector's permissions and scope (the connector can proxy arbitrary Builder.io API calls); (4) use a dedicated or least-privilege Membrane account if you want to limit blast radius; and (5) if you need stronger assurance, inspect Membrane's source or run the CLI in an isolated environment before authorizing access.Like a lobster shell, security has layers — review code before you run it.
latestvk97ake6r67cstxshevv43gqnw5842hg3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.