Forescout
v1.0.0Forescout integration. Manage data, records, and automate workflows. Use when the user wants to interact with Forescout data.
⭐ 0· 54·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill's name and description match the instructions: it uses the Membrane platform/CLI to connect to and operate on Forescout. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md confines runtime actions to installing/using the Membrane CLI, creating connections, listing actions, running actions, and proxying requests to Forescout via Membrane. It does not instruct the agent to read arbitrary files, harvest environment variables, or exfiltrate data to unrelated endpoints.
Install Mechanism
This is an instruction-only skill (no install spec). It tells users to install the Membrane CLI via `npm install -g @membranehq/cli` (or use npx in other examples). Installing a global npm package is a common but moderately impactful action (writes to disk, modifies PATH). The instruction is expected for the stated purpose, but users should verify the package's authenticity before global install.
Credentials
The skill requests no environment variables, secrets, or config paths. It explicitly instructs not to ask users for API keys and to rely on Membrane for auth, which is proportionate to its purpose.
Persistence & Privilege
The skill is not always-enabled and does not request persistent system-level privileges. It does not modify other skills or system-wide settings. Autonomous invocation is allowed by platform default but is not combined with other concerning privileges here.
Assessment
This skill is coherent: it delegates auth and API calls to the Membrane CLI to interact with Forescout. Before installing or using it, verify the Membrane CLI package and its publisher (review https://getmembrane.com and the GitHub repo), prefer using `npx` if you want to avoid a global npm install, and follow your org's policy for connecting security tools. Understand that Membrane will act as a proxy and hold connection credentials (browser login flow) — ensure you trust that service and the connector permissions you grant. If you need a higher assurance, inspect the Membrane CLI source and the connector configuration in a safe/test environment first.Like a lobster shell, security has layers — review code before you run it.
latestvk97atbqs81zd55msvjqkzf4f5d84am7y
License
MIT-0
Free to use, modify, and redistribute. No attribution required.