ClawHub

Seekwell

v1.0.2

SeekWell integration. Manage data, records, and automate workflows. Use when the user wants to interact with SeekWell data.

0· 82·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (SeekWell integration) align with the instructions which use Membrane to connect to SeekWell and run actions. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
The SKILL.md tells the user/agent to install and run the Membrane CLI (npm install -g or npx), perform browser-based login, create connections, list and run actions, and proxy API requests via Membrane. These steps stay within the stated SeekWell-integration scope. They do require network access and interactive/browser authentication, which the doc documents.
Install Mechanism
There is no registry install spec (the skill is instruction-only). The doc recommends installing @membranehq/cli from npm or using npx, which is a common but non-zero-risk vector because it pulls code from the npm registry at runtime. This is proportionate to the stated need but users should verify the npm package and source before installing globally.
Credentials
The skill does not request environment variables, secrets, or config paths. It explicitly advises not to ask users for API keys and to rely on Membrane for auth lifecycle management, which is consistent with the integration model described.
Persistence & Privilege
No 'always' flag, no system-wide config modifications are requested, and the skill does not ask for persistent credentials. It relies on the Membrane service for auth; nothing in the skill tries to increase its system privilege.
Assessment
This skill is instruction-only and coherent: it tells you to use the Membrane CLI to connect to SeekWell and does not ask for local secrets. Before installing or running commands, verify the @membranehq/cli package and the getmembrane.com site are trustworthy, and be aware that npm -g and npx execute code from the npm registry. Review the Membrane account permissions you grant via browser login and avoid using high-privilege accounts until you confirm expected behavior. If you need stricter assurance, inspect the @membranehq/cli package source (repository and npm listing) before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cwmqgspjqe92hnvzkgkgx4h842ptk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments