Cuttly
v1.0.2Cutt.ly integration. Manage Links. Use when the user wants to interact with Cutt.ly data.
⭐ 0· 130·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill is a Cutt.ly integration and all instructions revolve around using Membrane to create connections, run actions, and proxy requests to Cutt.ly. Requiring a Membrane account and network access is coherent with that purpose.
Instruction Scope
SKILL.md only instructs installing and using the Membrane CLI, logging in via browser, creating connections, listing actions, running actions, and proxying requests. It does not instruct reading unrelated files, exporting environment variables, or exfiltrating data beyond normal API use.
Install Mechanism
The guide tells the user to run `npm install -g @membranehq/cli`. Installing a global npm package is a reasonable way to obtain the CLI but carries the usual trust risk of third‑party packages. There is no opaque download or archive extraction in the skill itself.
Credentials
The skill declares no required env vars or credentials; it delegates auth to Membrane (browser-based login/connection flow). The credential model described matches the stated behavior and does not request unrelated secrets.
Persistence & Privilege
The skill is not forced-always and does not request system configuration or persistent privileges. Autonomous invocation is enabled by default but this is normal and not combined with other elevated privileges.
Scan Findings in Context
[no_regex_findings] expected: The skill is instruction-only (SKILL.md) and contains no code files for the regex scanner to analyze; this is expected. The scanner found nothing to report.
Assessment
This skill is internally coherent: it instructs the agent to use the Membrane CLI to talk to Cutt.ly and does not ask for unrelated secrets. Before installing or running the CLI, verify the @membranehq/cli package and the Membrane service you will be authorizing (check the npm package page, GitHub repo, and privacy/permissions of your Membrane account). If you prefer lower risk, run the CLI in a container or isolated environment rather than installing it globally. Be aware that trusting this skill means trusting Membrane to handle your Cutt.ly credentials and proxy requests on your behalf.Like a lobster shell, security has layers — review code before you run it.
latestvk97bq5j0pdv65893ne14rxzpx9842aee
License
MIT-0
Free to use, modify, and redistribute. No attribution required.