ClawHub

Unblu

v1.0.0

Unblu integration. Manage data, records, and automate workflows. Use when the user wants to interact with Unblu data.

0· 23·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description (Unblu integration) match the instructions (use Membrane CLI to connect to Unblu, list actions, run actions, or proxy API requests). There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
SKILL.md only instructs the agent to install and use the Membrane CLI, authenticate via browser, list connections/actions, run actions, and proxy requests. It does not instruct reading unrelated files or environment variables, nor does it ask the agent to exfiltrate data to unknown endpoints beyond Membrane's service (which is explicit).
Install Mechanism
This is an instruction-only skill (no install spec), but it tells users to install an npm global package (@membranehq/cli). Installing an npm package is normal for a CLI integration, but it does carry the usual supply-chain/privacy considerations — verify the package and repository before installing on sensitive systems.
Credentials
The skill requests no environment variables or secrets and explicitly advises not to ask users for API keys. The use of Membrane to manage auth server-side is consistent with the stated purpose.
Persistence & Privilege
The skill is not forced-always (always: false) and is user-invocable. It does not request persistent system-wide privileges or attempt to modify other skills' configuration.
Assessment
This skill appears coherent, but remember it routes Unblu requests through Membrane (a third party). Before installing or using the CLI: 1) verify the @membranehq/cli package and its GitHub repository are legitimate and review recent activity/maintainers; 2) confirm your organization's policy allows sending Unblu data through Membrane (privacy/compliance); 3) prefer testing in a sandbox or non-production environment; and 4) avoid installing global npm packages on shared or production hosts until you trust the package. If you need stricter assurance, review the Membrane CLI source and their auth/telemetry/privacy docs before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk9704pcs45e0p1wmt0c3hvkfv9847tfj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments