ClawHub

Nhost

v1.0.0

Nhost integration. Manage data, records, and automate workflows. Use when the user wants to interact with Nhost data.

0· 66·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill claims to integrate with Nhost and the SKILL.md consistently instructs use of the Membrane CLI to discover connectors, create connections, run actions, and proxy API requests. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Runtime instructions are limited to installing and using the Membrane CLI, logging in (browser flow or headless code), connecting to an Nhost connector, listing/running actions, and proxying requests. The instructions do not ask the agent to read arbitrary files, export unrelated environment variables, or exfiltrate data beyond the described proxy to Membrane.
Install Mechanism
The skill is instruction-only (no install spec). It tells the user to run `npm install -g @membranehq/cli` — a public npm scoped package. That is a reasonable install for this purpose but carries the usual risks of installing third-party global npm packages (verify package authenticity/source before installing).
Credentials
No environment variables or local credentials are requested by the skill. The documentation explicitly instructs not to ask users for API keys and to let Membrane handle credential lifecycle, which is proportionate to the stated design.
Persistence & Privilege
Skill flags are default (not always-on). It does not request permanent presence, nor does it instruct modification of other skills or system-wide configs. Autonomous invocation is permitted (platform default) but not combined here with other high-risk requests.
Assessment
This skill is internally coherent: it directs you to install and use the Membrane CLI to proxy and manage Nhost connections. Before installing or using it: (1) verify the legitimacy of the @membranehq/cli package (check the npm page, GitHub repo, and publisher), (2) be aware that Membrane will proxy requests and therefore will see request/response data and hold connection credentials—confirm this matches your privacy and compliance needs, (3) installing global npm packages requires privileges and can affect your environment—consider testing in an isolated or disposable environment first, and (4) if you need stricter guarantees, review Membrane's privacy/security docs and inspect the CLI source code before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dxx2sdgbz22kjqhwvtsaxcs845bvv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments