Cradl Ai
v1.0.0Cradl AI integration. Manage data, records, and automate workflows. Use when the user wants to interact with Cradl AI data.
⭐ 0· 54·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (Cradl AI integration) align with the instructions: the SKILL.md exclusively explains how to use the Membrane CLI to connect to and call Cradl AI APIs. It does not request unrelated credentials or system access.
Instruction Scope
The instructions tell the agent/operator to install and run the Membrane CLI and to use commands like 'membrane action run' and 'membrane request'. This stays within the stated purpose. Note: the workflow requires interactive browser-based login (or a headless code exchange) and running shell commands; the skill does not instruct reading local files or environment variables beyond normal CLI behavior.
Install Mechanism
There is no packaged install spec in the skill itself (instruction-only). The SKILL.md recommends 'npm install -g @membranehq/cli' and uses 'npx ...' examples. Installing a CLI from npm or invoking via npx pulls code from the public npm registry at runtime — a reasonable and expected mechanism here, but it carries the usual supply-chain considerations of npm packages.
Credentials
The skill declares no required environment variables or credentials and explicitly recommends using Membrane's connection flow (rather than asking for API keys). That is proportionate to a connector-style integration.
Persistence & Privilege
No 'always: true' or other privileged flags are set. The skill does not request persistent system-wide modification or access to other skills' configs. Autonomous invocation is allowed (platform default) but not combined with other concerning privileges.
Assessment
This skill appears coherent and delegates auth and API calls to the Membrane CLI as intended. Before installing/using it: (1) verify the Membrane CLI package (@membranehq/cli) on npm/GitHub to ensure it matches the vendor and review recent maintainership; (2) be aware that installing with 'npm -g' or running 'npx' will fetch and run third-party code — use a vetted environment; (3) the login flow opens a browser and results in tokens managed by Membrane (check where tokens are stored by the CLI if you need stricter control); and (4) avoid running arbitrary, unexplained membrane request/action commands suggested by any third party — confirm connector IDs and requested request paths with the user before executing. Overall the skill is internally consistent with its stated purpose.Like a lobster shell, security has layers — review code before you run it.
latestvk97ffpme4119039q3f9vgsk8ax84dqpb
License
MIT-0
Free to use, modify, and redistribute. No attribution required.