ClawHub

Moltin

v1.0.2

Moltin integration. Manage data, records, and automate workflows. Use when the user wants to interact with Moltin data.

0· 87·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims to integrate with Moltin and all runtime instructions reference the Membrane CLI and Moltin endpoints; no unrelated services, credentials, or binaries are requested in the manifest.
Instruction Scope
Instructions are limited to installing and using the @membranehq/cli, creating connections, listing actions, running actions, and proxying requests to Moltin. Important privacy/security implication: actual API requests and credential handling occur via Membrane's hosted service (you will authenticate in a browser and grant Membrane access to your Moltin data), so data and auth tokens will flow through Membrane.
Install Mechanism
This is an instruction-only skill (no install spec), and it tells users to run a global npm install (npm install -g @membranehq/cli). That is a normal instruction but does require you to install third-party software from npm; consider using npx or a scoped/local install if you prefer not to install global binaries.
Credentials
The manifest requests no environment variables or secrets. The SKILL.md explicitly advises not to ask users for API keys and relies on Membrane to manage credentials, which is proportionate to the stated purpose.
Persistence & Privilege
The skill is not marked always:true and does not request elevated agent-wide privileges. It can be invoked autonomously (platform default), which is normal for skills; nothing else indicates permanent or excessive privilege.
Assessment
This skill is coherent: it uses the Membrane CLI to talk to Moltin and does not ask for unrelated credentials. Before installing, consider that (1) you will authenticate to Membrane in a browser and Membrane will have access to your Moltin data and tokens — review Membrane's privacy/security docs and the connector scopes, (2) the README recommends a global npm install; if you prefer not to install global binaries use npx or a local install, and (3) if you want to restrict automatic use, be aware the platform allows autonomous invocation by default — disable the skill or its autonomous invocation if you want tighter control. If you need greater assurance, verify the @membranehq/cli package on npm and confirm the vendor's identity and policies before granting access.

Like a lobster shell, security has layers — review code before you run it.

latestvk972h4s332btmcbhj8gab6b9gh842bz2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments