Railz
v1.0.0Railz integration. Manage data, records, and automate workflows. Use when the user wants to interact with Railz data.
⭐ 0· 50·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill's name and description (Railz integration) match the runtime instructions: it tells the agent to use the Membrane CLI to discover connectors, create connections, run actions, and proxy requests to Railz. Requiring the Membrane CLI and a Membrane account is coherent with the stated purpose.
Instruction Scope
The SKILL.md limits actions to installing/using the Membrane CLI, logging in, listing/creating connections, running actions, and proxying requests to Railz. It does not instruct reading unrelated files, accessing other env vars, or exfiltrating data to unexpected endpoints. It does require network access and a Membrane account (explicitly stated).
Install Mechanism
There is no registry install spec; the instructions ask the user to run `npm install -g @membranehq/cli` (or use npx). Installing a package from the public npm registry is a normal way to get the CLI, but installing global npm packages has the usual trade-offs: verify the package identity and trust the publisher before installing.
Credentials
The skill declares no required environment variables, credentials, or config paths. Authentication is handled via Membrane (browser login), which is consistent with the guidance to not ask users for API keys or tokens.
Persistence & Privilege
The skill does not request always:true or any elevated permanent presence. It is user-invokable and allows autonomous invocation by default (the platform default), which is expected for integration skills.
Assessment
This skill is an instruction-only guide that uses the Membrane CLI to access Railz. Before installing or running it: verify you intend to use Membrane (getmembrane.com / @membranehq/cli on npm), confirm the npm package and homepage are legitimate, and review Membrane's privacy/permissions because connections and proxied requests will go through Membrane's service. If you prefer not to install global npm packages, use npx as the SKILL.md suggests. If you need higher assurance, inspect the @membranehq/cli package on the npm registry and the Membrane documentation and repository before proceeding.Like a lobster shell, security has layers — review code before you run it.
latestvk97dad5n7zfd0k8sxsaq6n8j6x84drx3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.