Eversign

v1.0.2

Eversign integration. Manage Users, Organizations. Use when the user wants to interact with Eversign data.

⭐ 0· 97·0 current·0 all-time

byMembrane Dev@membranedev

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

The name/description (Eversign integration) align with the instructions: all runtime steps use the Membrane CLI to create connections, list/run actions, and proxy requests to the Eversign API. No unrelated credentials, binaries, or paths are requested.

✓

Instruction Scope

SKILL.md confines the agent to installing/using the Membrane CLI, logging in via browser, creating a connection to Eversign, listing/running actions, and optionally proxying raw API calls. It does not instruct reading unrelated files, harvesting local secrets, or sending data to third-party endpoints outside Membrane/Eversign.

ℹ

Install Mechanism

There is no formal install spec in the registry (instruction-only), which is lowest-risk. The docs recommend installing @membranehq/cli via npm -g (a public npm package). This is reasonable for the described workflow but carries the usual npm-global risks (verify package origin and permissions).

✓

Credentials

The skill declares no required environment variables or credentials. It instructs using Membrane to manage Eversign auth (server-side). No unrelated secrets or config paths are requested.

✓

Persistence & Privilege

always is false and the skill does not request system-wide or cross-skill configuration changes. It's instruction-only and does not require permanent presence or elevated privileges.

Assessment

This skill is coherent and appears to simply document how to use the Membrane CLI to access Eversign. Before installing/using: (1) confirm you trust the Membrane service (getmembrane.com) because Membrane will broker and store Eversign credentials and API traffic; (2) verify the @membranehq/cli npm package and its publisher (check npm registry and the repository) before running npm install -g; (3) be aware browser-based login and headless flows will hand auth tokens to Membrane; and (4) if you need stricter control of credentials, prefer a workflow that uses your own API keys locally (if that meets your security policy) instead of delegating auth to a third-party service.

Like a lobster shell, security has layers — review code before you run it.

latestvk97186f8q4agr1b326f7ygqfxd8426kq

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Eversign

License

Comments