ClawHub

Scrapinghub

v1.0.0

Scrapinghub integration. Manage data, records, and automate workflows. Use when the user wants to interact with Scrapinghub data.

0· 63·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description target Scrapinghub and all runtime instructions center on using the Membrane CLI to connect to Scrapinghub, discover actions, run them, or proxy raw API requests. Asking the user to have a Membrane account and to install @membranehq/cli is consistent with that purpose.
Instruction Scope
SKILL.md limits actions to installing and invoking the Membrane CLI, creating connections via browser-based auth, listing/running actions, and proxying API calls. It does not instruct reading unrelated local files or harvesting unrelated environment variables. It does instruct headless login flow guidance which is expected for CLI auth.
Install Mechanism
There is no formal install spec in the registry metadata, but the SKILL.md tells users to run `npm install -g @membranehq/cli` (or use npx in examples). Installing a public npm CLI is expected but carries the usual supply-chain risk of third-party packages; this is proportional to the skill's need but worth user verification.
Credentials
The skill declares and requires no environment variables or local config paths. Authentication is handled via Membrane's connection flow (browser OAuth-like), which matches the claim that the skill won't ask for API keys or local secrets.
Persistence & Privilege
The skill is instruction-only, does not request always:true, and does not modify other skills or system-wide configurations. It relies on the user running a CLI and creating a connection; there is no automatic persistent privilege requested.
Assessment
This skill is coherent but depends on the third-party Membrane service and its npm CLI. Before installing or using it: (1) verify the @membranehq/cli package on npm (publisher, recent releases, and source repository) or prefer using npx to avoid a global install; (2) confirm you trust Membrane because API requests and Scrapinghub credentials will be proxied through their service (data sent to Membrane servers); (3) review the Membrane repository/homepage for transparency and security practices; (4) in sensitive environments avoid global npm installs and consider running commands in a controlled environment or container. If you need more assurance, provide the package repo/sha or an official install spec for review.

Like a lobster shell, security has layers — review code before you run it.

latestvk978f7vk5gce82tt02j5rs8jas844vcp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments