ClawHub

Realphonevalidation

v1.0.2

RealPhoneValidation integration. Manage data, records, and automate workflows. Use when the user wants to interact with RealPhoneValidation data.

0· 112·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (RealPhoneValidation integration) matches the instructions: they all describe using Membrane to connect to and call RealPhoneValidation. Nothing requested (no env vars, no unrelated binaries) appears out of scope.
Instruction Scope
SKILL.md only instructs installing and using the Membrane CLI, creating connections, listing actions, running actions, and proxying requests to the RealPhoneValidation API. It does not ask the agent to read unrelated files, exfiltrate local secrets, or contact unexpected endpoints.
Install Mechanism
There is no automated install spec in the registry (instruction-only). The README recommends a global npm install of @membranehq/cli — a normal, expected step for a CLI-based integration, but installing global npm packages runs third-party code on the host and should be done only from trusted sources.
Credentials
The skill declares no required environment variables or credentials and explicitly delegates auth to Membrane (browser-driven OAuth/connection flow). No unrelated secrets or config paths are requested.
Persistence & Privilege
The skill is not always-enabled and does not request system-wide modifications. It relies on the platform default allowing autonomous invocation, which is expected for skills; this alone is not a concern.
Assessment
This skill is instruction-only and coherent: it tells the agent to use the Membrane CLI to connect to RealPhoneValidation rather than storing API keys locally. Before installing, verify you trust the Membrane project (@membranehq/cli) and its GitHub/homepage, since the instructions recommend installing a global npm package (which runs third-party code). When connecting, review what permissions the connector requests in the browser-based auth flow and avoid providing unrelated credentials. If you prefer, run the CLI in an isolated environment (container or VM) to limit exposure. Finally, confirm the Membrane proxy and connector behavior meet your data-handling and privacy requirements.

Like a lobster shell, security has layers — review code before you run it.

latestvk979kppcm469zf6fhvw5jxsr9n842tqt

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments