Rokt
v1.0.0Rokt integration. Manage data, records, and automate workflows. Use when the user wants to interact with Rokt data.
⭐ 0· 54·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill is intended to integrate with Rokt and all runtime steps use the Membrane CLI to proxy requests to Rokt — this is coherent. However, the registry metadata lists no required binaries while the SKILL.md requires installing and running the @membranehq/cli (npm global install). The skill should have declared that dependency explicitly.
Instruction Scope
SKILL.md confines the agent to using the Membrane CLI for login, creating connections, listing actions, running actions, and proxying requests to Rokt. It does not instruct reading unrelated files, environment variables, or sending data to unexpected endpoints beyond Membrane/Rokt.
Install Mechanism
There is no formal install spec in the registry; the README instructs users to run `npm install -g @membranehq/cli`. Installing a third-party global npm package is a normal approach but carries supply-chain risk and requires attention (global install may need elevated permissions). Verify the npm package and its publisher before installing.
Credentials
The skill declares no required environment variables or credentials and explicitly instructs not to request API keys, relying on Membrane to handle auth. That is proportionate for a connector-style skill.
Persistence & Privilege
The skill does not request persistent/always-on privileges (always:false) and contains no instructions to modify other skills or system-wide settings.
Assessment
This skill is instruction-only and uses the Membrane CLI to access Rokt — that behavior matches its description. Before installing or running it: 1) Verify the @membranehq/cli npm package and the publisher (check package page, repository, and recent release history). 2) Consider installing the CLI in a controlled environment (container or dedicated machine) if you want to limit risk from a new global npm package. 3) Review Membrane’s privacy/security docs to understand what data and credentials are stored or proxied server-side (the skill relies on Membrane to handle auth). 4) If you need higher assurance, inspect the Membrane CLI source code or use a test account rather than production credentials.Like a lobster shell, security has layers — review code before you run it.
latestvk975zapexky3h6v7bs4sdjtqad84cadj
License
MIT-0
Free to use, modify, and redistribute. No attribution required.