ClawHub

Grovo

v1.0.0

Grovo integration. Manage data, records, and automate workflows. Use when the user wants to interact with Grovo data.

0· 48·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Grovo integration) match the instructions: the SKILL.md guides the agent to use the Membrane CLI to connect to Grovo, discover actions, run actions, and proxy API requests. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Instructions are focused on installing and using the Membrane CLI, logging in via browser, creating connections, listing and running actions, and proxying requests. They do not instruct reading local files or accessing unrelated env vars. Minor note: the runtime guidance mixes global install (npm -g) and npx usage — npx can avoid a global install if the user prefers.
Install Mechanism
There is no registry install spec, but SKILL.md tells users to install @membranehq/cli via npm (-g) or use npx. Installing a global npm package is a common, moderate-risk action — users should trust the package publisher and review the package/source if concerned. No arbitrary URL downloads or extracted archives are recommended.
Credentials
The skill declares no required env vars or credentials and explicitly delegates auth to Membrane (browser OAuth flow). The lack of requested secrets is proportionate to the stated purpose; the only requirement is network access and a Membrane account.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent agent inclusion or modification of other skills. Autonomous invocation is allowed (platform default) and is not combined with broad credential access here.
Assessment
This skill is instruction-only and relies on the @membranehq/cli npm package and a Membrane account. Before installing: 1) Verify the Membrane CLI package (npm page and GitHub repo) and trustworthiness of the maintainer; prefer using npx if you want to avoid a global install. 2) Confirm what Grovo scopes/permissions the connection will request when you authenticate in the browser. 3) If you are security-sensitive, run the CLI in an isolated environment (container or VM) and inspect network calls or token behavior. Overall the skill appears coherent, but exercise the usual caution with third-party CLIs and OAuth connections.

Like a lobster shell, security has layers — review code before you run it.

latestvk975syw29nqh4h5x0wkqkj0mk184egp9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments