ClawHub

Outfit

v1.0.2

Outfit integration. Manage data, records, and automate workflows. Use when the user wants to interact with Outfit data.

0· 71·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims to integrate with Outfit and all runtime instructions center on using the Membrane CLI to discover connectors, create a connection, run actions, and proxy requests. Requiring the Membrane CLI is proportionate to the stated purpose.
Instruction Scope
Instructions are narrowly focused on installing and using the Membrane CLI and do not ask the agent to read unrelated files or secrets. One notable behavior: the skill recommends using Membrane's request proxy to make arbitrary API calls to Outfit — that means request payloads and headers are routed through Membrane's servers, so the operator should understand that Membrane will see the proxied request contents.
Install Mechanism
The SKILL.md instructs installing @membranehq/cli via npm -g. This is a standard approach for a CLI dependency but involves installing a third-party npm package globally (moderate trust requirement). The skill itself has no automated install spec and does not write files; the install action is left to the operator.
Credentials
The skill declares no required environment variables or credentials and explicitly instructs not to ask users for API keys, relying on Membrane to manage auth. The requested access is minimal and appropriate for the described integration.
Persistence & Privilege
The skill is not forced to always-load and uses default agent invocation settings. It does not request persistent system-wide config changes in the instructions.
Assessment
This skill is internally consistent: it expects you to install and use the official Membrane CLI to connect to Outfit and to let Membrane handle authentication. Before installing or using it: 1) Confirm you trust the @membranehq/cli npm package and check its source/release (installing global npm packages has system-level effects). 2) Understand that proxied requests (membrane request ...) and any API calls you make will flow through Membrane's servers — review Membrane's privacy/security docs and consider using a dedicated account with limited permissions. 3) Use the headless login flow carefully if running in automated or CI environments and avoid pasting highly sensitive secrets into command arguments. If you want added assurance, test in a sandbox account or environment first.

Like a lobster shell, security has layers — review code before you run it.

latestvk973ahq7zpwegkhndy594yngmh842n01

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments