ClawHub

Yuja

v1.0.0

YuJa integration. Manage data, records, and automate workflows. Use when the user wants to interact with YuJa data.

0· 47·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name and description (Yuja integration) match the instructions: all runtime actions are calls to the Membrane CLI or Membrane proxy to reach YuJa. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md instructs the agent/user to install and run the Membrane CLI, perform membrane login (browser flow or headless flow), list/connect connections, run actions, and proxy raw requests via Membrane. These instructions remain within the scope of a YuJa integration, but they require routing requests and data through Membrane's service (the doc explicitly states this). Also, the browser-based login step may not work in fully headless/automated environments without the provided headless completion flow.
Install Mechanism
No install spec in the registry (instruction-only), but SKILL.md tells users to run `npm install -g @membranehq/cli`. This is a public npm package install — a common pattern but a moderate risk compared to no-install instruction-only skills because it writes a global binary and runs third-party code.
Credentials
The skill requests no environment variables, no keys, and no local config paths. The SKILL.md explicitly tells integrators not to ask users for API keys and to rely on Membrane for auth, which is proportionate to the stated purpose.
Persistence & Privilege
Skill flags show normal privileges (always:false, model invocation allowed). The skill does not request persistent presence or elevated system configuration changes.
Assessment
This skill is internally consistent: it uses the Membrane CLI to authenticate and proxy requests to YuJa rather than requiring YuJa credentials directly. Before installing, consider: 1) You must trust Membrane (getmembrane.com) because requests and authentication will be routed through their service. 2) Installing a global npm CLI modifies your system PATH and executes third-party code — review the @membranehq/cli package (source, maintainers, and permissions) before installing. 3) The login flow opens a browser (or uses a headless code flow); that may not work in all automated environments. If you need to avoid routing data through a third party, this skill is not appropriate. Otherwise, the skill appears coherent with its stated purpose.

Like a lobster shell, security has layers — review code before you run it.

latestvk974hc0t9qm0nd7tvs2p3f3pn184fq63

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments