Openapi Generator
v1.0.0OpenAPI Generator integration. Manage data, records, and automate workflows. Use when the user wants to interact with OpenAPI Generator data.
⭐ 0· 68·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name and description describe an OpenAPI Generator integration and the SKILL.md consistently instructs the agent to use the Membrane CLI to discover connectors, create connections, run actions, and proxy requests to OpenAPI endpoints. Declared requirements (network access, Membrane account) match the stated purpose and no unrelated credentials or system resources are requested.
Instruction Scope
All runtime instructions focus on installing and using the Membrane CLI, logging in, creating connections, listing actions, running actions, and proxying requests. The instructions do not direct the agent to read unrelated files, harvest environment variables, or exfiltrate data outside the described flow. Note: the doc instructs performing a global npm install and browser-based login (expected for a CLI that manages connections).
Install Mechanism
There is no automated install spec in the skill package, but the SKILL.md recommends installing @membranehq/cli via npm -g. This is a common, expected mechanism for CLI usage but carries the usual npm risks (global install modifies system PATH/files and installs code from the npm registry). Verify the package and maintainers (homepage/repo are provided) before installing.
Credentials
The skill declares no required env vars or credentials and the instructions explicitly state that Membrane handles credential management server-side. No unrelated secrets or config paths are requested in the SKILL.md.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and is user-invocable. The only persistence/privilege is the user installing the Membrane CLI (writes files to disk) and performing an interactive login—both normal for this use case.
Assessment
This skill appears coherent with its purpose, but before installing or using it: 1) Verify the @membranehq/cli npm package and the provided GitHub repository (confirm publisher, recent activity, and stars/issues) to reduce supply-chain risk. 2) Be aware that npm -g modifies your system (may require sudo) — install in a controlled environment or use npx/container if you prefer not to install globally. 3) Understand that logging in delegates auth to Membrane (server-side): review Membrane's privacy/security documentation and your organizational policy before giving a third-party service access to connectors/APIs. 4) If you need stronger assurance, run the CLI in an isolated environment (CI runner or sandbox) and inspect network traffic or the package source before trusting it with sensitive APIs.Like a lobster shell, security has layers — review code before you run it.
latestvk978fwsvrvp77hjv78cypetxvs84ab02
License
MIT-0
Free to use, modify, and redistribute. No attribution required.