ClawHub

Textit

v1.0.0

TextIt integration. Manage data, records, and automate workflows. Use when the user wants to interact with TextIt data.

0· 63·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims to integrate with TextIt and all runtime instructions are about using the Membrane CLI to discover connectors, create connections, run actions, or proxy requests to the TextIt API. There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
Instructions are limited to installing/using @membranehq/cli, logging in, creating connections, running actions, and proxying requests. One notable point: proxying requests routes API calls through Membrane (they inject auth headers and handle refresh), so user data and request payloads will transit Membrane's service — this is expected for this design but worth knowing.
Install Mechanism
The skill has no install spec and is instruction-only. It recommends installing the Membrane CLI via npm (a standard public registry). No automatic downloads or archive extraction are performed by the skill itself.
Credentials
The skill does not request environment variables, secrets, or config paths. It explicitly instructs not to ask users for API keys and to rely on Membrane-managed connections for auth, which is proportionate to the described functionality.
Persistence & Privilege
The skill is not forced-always, does not modify other skills, and contains no install-time actions in the manifest. It relies on user-run CLI commands and browser-based auth, which do not imply elevated or persistent privileges within the agent.
Assessment
This skill is an instruction-only integration that uses the Membrane CLI to talk to TextIt. Before installing or using it: 1) Verify you trust Membrane (getmembrane.com) — requests and payloads are proxied through their service and may be logged/processed by them. 2) Install the @membranehq/cli from npm only if you trust that package; consider checking the npm publisher and the GitHub repo mentioned in the header. 3) The skill does not request local secrets, but the CLI will perform browser-based auth and create connections; follow the CLI prompts and avoid pasting secrets into chat. 4) If you need stricter data controls, review Membrane's privacy/security docs or use a dedicated TextIt API account with limited permissions. 5) Note this skill is instruction-only (no code files were provided for review), so if you want extra assurance, inspect the Membrane CLI source before using it.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c0f6p44g6phwgyaftp79dph844284

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments