ClawHub

Volterra

v1.0.0

Volterra integration. Manage data, records, and automate workflows. Use when the user wants to interact with Volterra data.

0· 49·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Volterra integration) match the instructions: the SKILL.md tells the agent to use the Membrane CLI to manage Volterra resources. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
The instructions are narrowly scoped to installing/using the Membrane CLI and creating/using a Volterra connector. They do require network access and interactive auth (browser flow or headless code exchange). Note that the CLI will handle storing credentials/token refreshes (the doc references this), which is outside the skill but expected for a CLI-based integration.
Install Mechanism
No registry install spec exists (instruction-only). The SKILL.md directs the user to run `npm install -g @membranehq/cli` — a public npm package install. This is a common pattern but carries the usual npm-package risks (supply-chain or malicious package); the install is not automated by the platform.
Credentials
The skill declares no required environment variables, credentials, or config paths. It delegates authentication to Membrane, which is proportionate for an integration that uses a third-party CLI.
Persistence & Privilege
The skill is instruction-only, has no install-time persistence, and does not request 'always: true' or other elevated privileges. Autonomous invocation remains default but is not combined with excessive access.
Assessment
This skill instructs you to install and use the Membrane CLI (npm package) to access Volterra. Before installing: verify the @membranehq/cli package and the vendor (getmembrane.com / the referenced GitHub repo) are legitimate, consider installing a pinned version rather than a floating global install, and review where the CLI stores authentication tokens on your machine. The skill itself does not ask for extra env vars or credentials, but the Membrane CLI will handle auth and persist tokens locally — only proceed if you trust that CLI and its publisher.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e444d42wet3sm1t4kw492n584fdr3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments