ClawHub

Connectall

v1.0.2

ConnectALL integration. Manage data, records, and automate workflows. Use when the user wants to interact with ConnectALL data.

0· 47·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the SKILL.md tells the agent to use the Membrane CLI to integrate with ConnectALL, which is a reasonable and proportionate way to achieve the stated purpose.
Instruction Scope
Runtime instructions are limited to installing and using the Membrane CLI (login, list/search, action run, proxy requests). The instructions do not ask the agent to read unrelated files, access additional environment variables, or transmit data to unexpected endpoints. Authentication is delegated to Membrane via browser flows or headless code exchange as documented.
Install Mechanism
The registry contains no automated install spec (instruction-only). The SKILL.md recommends installing @membranehq/cli via 'npm install -g', which is a common but potentially privileged installation step the user performs outside the skill. Installing a global npm package executes third-party code — users should verify the @membranehq package authenticity before installing.
Credentials
The skill declares no required environment variables or credentials and explicitly delegates credential management to Membrane. This is proportionate for a connector/integration skill. There are no unrelated secrets requested.
Persistence & Privilege
The skill is instruction-only, has no 'always' privilege, and does not request to modify other skills or system-wide settings. Autonomous invocation is allowed by default but not coupled with other concerning privileges.
Assessment
This skill appears coherent and focused: it instructs you to use the Membrane CLI to access ConnectALL and does not ask for unrelated secrets. Before installing or following the instructions, consider: (1) you must trust Membrane (getmembrane.com and the @membranehq npm package) because authentication and proxying go through their service; (2) installing a global npm package runs third-party code — verify the package/repository and consider installing in a controlled environment if the ConnectALL data is sensitive; (3) the login flow opens a browser and grants Membrane access to your tenant—confirm scopes and permissions in your account. If you need higher assurance, review the @membranehq/cli source repo and its release metadata before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk979qywqw5ym3k465thkjr8xkx843fnx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments