Yespo
v1.0.0Yespo integration. Manage data, records, and automate workflows. Use when the user wants to interact with Yespo data.
⭐ 0· 52·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (Yespo integration) match the instructions: the SKILL.md directs the agent to use Membrane to connect to Yespo, discover actions, run them, or proxy requests. The requested capabilities are proportional to the stated purpose.
Instruction Scope
Instructions stay within scope: they instruct installing/running the Membrane CLI, performing login/connect/action list/action run/request proxy flows, and parsing JSON output for IDs. They do not ask the agent to read unrelated files, environment variables, or send data to unexpected endpoints beyond Membrane/Yespo.
Install Mechanism
No install spec is bundled with the skill (instruction-only), but SKILL.md recommends installing @membranehq/cli globally via npm (npm install -g). This is an expected, moderately risky action because it pulls code from the public npm registry; users should verify the publisher/package integrity or prefer npx/pinned versions if they prefer not to install globally.
Credentials
The skill declares no required env vars or secrets and explicitly instructs not to ask for API keys, relying on Membrane to manage auth. This is proportional to the stated purpose. The runtime does require a Membrane account (interactive browser login), which is appropriate.
Persistence & Privilege
Skill does not request persistent/always-on privileges (always: false) and does not modify other skills or system-wide settings. Autonomous invocation is allowed by default but is not combined here with any broad credential requests.
Assessment
This skill is an instructions-only integration that expects you to use the Membrane CLI to manage Yespo. Before installing/running: (1) confirm you trust the Membrane project/website (getmembrane.com) and the @membranehq npm package; (2) consider using npx @membranehq/cli@latest for one-off runs instead of npm -g to avoid a global install; (3) review what permissions a connector requests in the browser-based login flow (connectors may request access scopes to your Yespo account); and (4) if you need stronger assurance, inspect the @membranehq/cli package source or release artifacts on the official repository before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk97142ycddwmgayeytcp73ryyx84e8te
License
MIT-0
Free to use, modify, and redistribute. No attribution required.