ClawHub

Propstack

v1.0.0

Propstack integration. Manage data, records, and automate workflows. Use when the user wants to interact with Propstack data.

0· 47·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Propstack integration) matches the instructions: discovering actions, creating a connection, running actions, and proxying requests via the Membrane CLI. All requested capabilities are relevant to that purpose.
Instruction Scope
SKILL.md instructs the agent to install and use the Membrane CLI, run login flows that open a browser, list/connect actions, and proxy API requests through Membrane. It does not instruct reading unrelated files or exfiltrating data. It explicitly says not to ask users for API keys and to rely on Membrane for auth.
Install Mechanism
There is no packaged install spec in the registry, but the docs instruct `npm install -g @membranehq/cli` / use of `npx`. Installing a public npm CLI is a normal step for this integration but carries the usual npm risk surface; users should verify the @membranehq/cli package origin and integrity before global installation.
Credentials
The skill requests no environment variables, no credentials, and no config paths. Authentication is delegated to Membrane and the user-facing browser OAuth flow, which is proportionate for a third-party integration.
Persistence & Privilege
The skill is not always-enabled and does not request system-wide persistence or modify other skills. It relies on user-driven CLI calls and browser login, which is appropriate for this functionality.
Assessment
This skill is coherent, but you should verify and trust the Membrane CLI before installing it globally. Check @membranehq/cli on npm/GitHub (maintainer, versions, issues) and review the OAuth scopes/permissions shown when you connect Propstack via Membrane. If you are unsure about installing global npm packages on a production machine, run the CLI in a container or isolated environment. Refuse or inspect any unexpected scopes or prompts during the browser auth flow.

Like a lobster shell, security has layers — review code before you run it.

latestvk977kk1neds35p775gesz9yhbh84f2xq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments