Getprospect
v1.0.2GetProspect integration. Manage Persons, Organizations, Leads, Users, Roles, Filters. Use when the user wants to interact with GetProspect data.
⭐ 0· 121·1 current·1 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (GetProspect integration) match the runtime instructions (use Membrane CLI to connect and run GetProspect actions). The skill does not request unrelated credentials, binaries, or config paths.
Instruction Scope
Instructions are limited to installing and using the Membrane CLI, logging in, creating connections, running actions, and optionally proxying requests to GetProspect via Membrane. The proxy capability can send arbitrary HTTP requests to GetProspect (expected for this integration) but also means the Membrane CLI is the conduit for network activity — users should be aware that auth tokens are managed by Membrane and browser-based login is required.
Install Mechanism
No built-in install spec in the skill; the SKILL.md instructs installing @membranehq/cli via npm -g. Installing a third-party CLI globally is a normal but medium-risk action (runs code from npm). This is expected for a CLI-driven integration but users should confirm the package's provenance before installing.
Credentials
The skill declares no required env vars or credentials. Authentication is delegated to Membrane's login flow rather than embedding secrets in the skill, which is proportionate to the stated purpose.
Persistence & Privilege
always is false and the skill does not request elevated persistence or to modify other skills' config. The agent-autonomous invocation defaults are unchanged; nothing in the skill attempts to escalate privilege.
Assessment
This skill is instruction-only and appears coherent: it tells you to install and use the official Membrane CLI to access GetProspect. Before installing or using it, verify the @membranehq/cli package and Membrane project (GitHub and npm) are legitimate and meet your trust requirements. Understand that Membrane will handle authentication (opens a browser or prints a URL) and will store tokens/config locally — if you are in a sensitive environment, review where the CLI stores credentials. Installing a global npm package executes third-party code on your machine, so prefer to inspect the package/repo or use a constrained environment (container or VM) if you have doubts. If you want a different assessment, provide (or verify) the official Membrane CLI package URL or the skill source repository so I can check provenance.Like a lobster shell, security has layers — review code before you run it.
latestvk97bbt2s8p24rnfhrqjaydk4j5842k9r
License
MIT-0
Free to use, modify, and redistribute. No attribution required.