Tecalliance
v1.0.0TecAlliance integration. Manage data, records, and automate workflows. Use when the user wants to interact with TecAlliance data.
⭐ 0· 33·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The skill's documented actions (discover actions, run actions, proxy requests) align with a TecAlliance integration. However, the skill metadata declares no required binaries while the runtime instructions require the Membrane CLI (membrane) and npm to install it — a minor mismatch that should be clarified.
Instruction Scope
SKILL.md confines activity to using the Membrane CLI, browser-based login, listing/ running connector actions, and proxying TecAlliance API calls through Membrane. It does not instruct access to unrelated files, environment variables, or system paths. Note: proxying arbitrary endpoints through Membrane is powerful — any request/response sent via that proxy will flow through Membrane.
Install Mechanism
There is no formal install spec in the registry (skill is instruction-only). The document asks the user to run `npm install -g @membranehq/cli` (a public npm package). Global npm installs are a common way to install CLIs but can execute package install scripts and require elevated permissions on some systems — verify the package and prefer non-global installs or sandboxed environments if concerned.
Credentials
The skill requests no local environment variables or API keys and explicitly advises not to ask users for API keys (Membrane handles auth). This is proportionate, but it means you must trust the Membrane service: credentials and proxied TecAlliance requests/responses will be handled server-side by Membrane.
Persistence & Privilege
The skill is not always-enabled and does not request persistent system presence or modify other skills. Autonomous model invocation is allowed (default) but not combined with other high-risk flags.
Assessment
This skill is instruction-only and coherent with its purpose, but before using it: (1) be aware you must install the @membranehq/cli via npm (the SKILL.md did not list npm/membrane as required binaries) — global npm installs can run install scripts and may require elevated privileges; consider installing in a safe environment. (2) You will authenticate via a browser and Membrane will proxy requests — Membrane will see the TecAlliance requests/responses and manage credentials, so only use this if you trust that service and its tenancy policies. (3) Verify you are installing the official @membranehq/cli package (check the package and the upstream GitHub repo) and avoid handing out raw API keys locally (the skill advises against it). (4) If organizational policy restricts global npm installs or third-party proxying, run this in an isolated environment or ask for an alternative integration path.Like a lobster shell, security has layers — review code before you run it.
latestvk978f6d0bczt1xca0m51j7k4wh8470p1
License
MIT-0
Free to use, modify, and redistribute. No attribution required.