Modelscope
v1.0.0ModelScope integration. Manage data, records, and automate workflows. Use when the user wants to interact with ModelScope data.
⭐ 0· 28·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description promise a ModelScope integration and the SKILL.md shows exactly how to access ModelScope via Membrane (install CLI, create a connection, run actions, proxy requests). The homepage/repo references Membrane which matches the integration path.
Instruction Scope
Runtime instructions are limited to installing/using the Membrane CLI, performing login (interactive or headless), listing connections/actions, running actions, and proxying requests. The instructions do not request unrelated files, system config, or hidden environment variables.
Install Mechanism
There is no registry install spec, but the SKILL.md instructs installing a third-party CLI via npm (npm install -g @membranehq/cli) or using npx. NPM is a common source (moderate risk). Global npm installs may require elevated privileges; the runtime will fetch code from the public npm registry.
Credentials
The skill declares no required env vars or credentials. It relies on the user's Membrane account for auth (handled by the CLI). No unrelated service credentials or config paths are requested.
Persistence & Privilege
always is false and the skill is user-invocable, but the platform allows autonomous invocation by default. After the user authenticates the Membrane CLI, local credentials/session state may permit the agent to run Membrane commands autonomously — consider this when enabling autonomous behavior.
Assessment
This skill is coherent but depends on a third-party CLI ( @membranehq/cli ). Before installing: (1) verify the NPM package and GitHub repo (check maintainers, recent activity, and trustworthiness of getmembrane.com), (2) prefer running with npx or inside an isolated environment/container rather than a global npm -g install to avoid system-wide changes, (3) understand that you must sign in via a browser and the CLI will store session credentials locally (which could let an agent run actions later), and (4) if you are uncomfortable with the CLI having network access or stored credentials, do not install or restrict the agent's ability to execute external commands. If you want extra assurance, review the @membranehq/cli source code on GitHub and the package page on npm before proceeding.Like a lobster shell, security has layers — review code before you run it.
latestvk97d0tppfgqy453c3hfmt263s5849xbg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.