ClawHub

Deno A Secure Runtime For Javascript And Typescript

v1.0.0

Deno integration. Manage data, records, and automate workflows. Use when the user wants to interact with Deno data.

0· 18·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The README describes a Deno integration and the SKILL.md consistently instructs the agent to use the Membrane CLI to discover connectors/actions and proxy requests to Deno. No unrelated credentials, binaries, or system paths are requested.
Instruction Scope
The instructions direct users/agents to install and use the Membrane CLI, run login flows, list actions, run actions, and proxy arbitrary HTTP requests to the Deno API via Membrane. This is in-scope for a connector skill, but the ability to proxy arbitrary endpoints means a granted connection can be used to read or modify many resources in the remote Deno environment—ensure you trust the connector and account used.
Install Mechanism
No install spec in the registry (instruction-only), but the SKILL.md tells the user to run `npm install -g @membranehq/cli`. This uses a public npm package (traceable) and is expected for this integration; installing global npm packages carries the usual privilege risks and should be done from a trusted source.
Credentials
The skill requests no local environment variables or secrets and explicitly instructs using Membrane-managed connections rather than asking for API keys. The Deno capability list mentions env var operations, but those appear to refer to remote Deno runtime actions accessible via the connector.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system-wide changes. It is user-invocable and can be called autonomously (platform default), which is expected for a connector skill.
Assessment
This skill is coherent: it delegates authentication and API access to the Membrane service and instructs use of the public @membranehq/cli package. Before installing or using it, verify you trust Membrane/@membranehq (check the linked homepage and GitHub repo), be comfortable installing a global npm package, and understand that creating a Membrane connection grants that connector the ability to perform many actions (including proxying arbitrary API requests) against the Deno environment. Do not provide local API keys or secrets to the agent; prefer creating a connection via the documented browser-based login flow. If you need higher assurance, review the @membranehq/cli package on npm/GitHub and inspect the connector configuration/permissions before granting access.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dh25b63acxjbs8bswc9qg2d84fgh0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments