ClawHub

Kvdb

v1.0.2

KVdb integration. Manage data, records, and automate workflows. Use when the user wants to interact with KVdb data.

0· 83·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (KVdb integration) match the SKILL.md: all instructions show how to discover and run KVdb actions via the Membrane CLI and proxy. No unrelated services, credentials, or paths are requested.
Instruction Scope
Instructions stay within scope: they ask you to install/run the Membrane CLI, create a connection, list/find actions, run actions, or proxy requests to KVdb. They do not instruct reading arbitrary local files or exfiltrating environment variables.
Install Mechanism
This is an instruction-only skill, but the docs recommend installing @membranehq/cli via npm (-g) and/or using npx @membranehq/cli@latest. Installing a global npm package or running unpinned npx pulls remote code at install/run time—this is expected for CLI use but is a moderate operational risk you should accept only if you trust the publisher.
Credentials
The skill requires no environment variables or local credential files; authentication is handled interactively via the Membrane login flow (browser-based). Requested access (network + Membrane account) is proportional to the stated capability.
Persistence & Privilege
Skill is not always-enabled, is user-invocable, and does not request elevated or persistent system privileges. It does not modify other skills or system configuration according to the provided metadata.
Assessment
This skill is an instruction-only integration that expects you to use the Membrane CLI to connect to KVdb. Before installing or following the instructions: 1) Confirm you trust the @membranehq package and its publisher (it will be installed globally or pulled via npx). 2) Be aware that npx @membranehq/cli@latest runs remote code at runtime—pin versions if you need reproducibility. 3) The skill opens a browser-based login to obtain credentials — create a minimally privileged Membrane account if possible. 4) The skill can proxy requests to external APIs through Membrane; avoid using it to send highly sensitive data unless you trust Membrane’s service and policies. 5) No local environment variables or config paths are requested by the skill itself.

Like a lobster shell, security has layers — review code before you run it.

latestvk97at1yvdq78v2qmy5fvn9stch843792

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments