Rafflys
v1.0.2Rafflys integration. Manage Organizations, Pipelines, Users, Filters. Use when the user wants to interact with Rafflys data.
⭐ 0· 115·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description, instructions and required tooling all point to using Membrane as a proxy to Rafflys. Asking the user to install the Membrane CLI and to log in is appropriate and proportional to the stated purpose.
Instruction Scope
SKILL.md only instructs installing and running the Membrane CLI, creating connections, listing actions, running actions, and optionally proxying API requests via Membrane. It does not request unrelated files, environment variables, or system data.
Install Mechanism
There is no built-in install spec; the doc suggests a standard global npm install (@membranehq/cli). This is a common, traceable mechanism; nothing is downloaded from an obscure URL and no archives are extracted by the skill itself.
Credentials
The skill declares no required env vars or credentials. It explicitly instructs not to ask users for API keys and to let Membrane handle auth, which is consistent and minimal.
Persistence & Privilege
always is false and the skill does not request elevated persistence or modify other skills. disable-model-invocation is false (normal); there are no additional privileges requested.
Assessment
This skill is instruction-only and relies on the Membrane CLI and a Membrane account. Before installing: verify you trust @membranehq/cli (review its npm/GitHub pages), be aware global npm install may require admin privileges, and understand that Membrane will proxy requests to Rafflys (so Membrane's servers will see proxied data). If you allow an autonomous agent to use this skill, it could run the described membrane CLI commands—only enable that if you trust the skill and Membrane account access. If you have concerns about data exposure, review Membrane's privacy/docs and the OAuth/consent screens shown during membrane login.Like a lobster shell, security has layers — review code before you run it.
latestvk97b2g2t587hm11k66q7nwnr9h84379a
License
MIT-0
Free to use, modify, and redistribute. No attribution required.