Secure Code Warrior

Secure Code Warrior integration. Manage data, records, and automate workflows. Use when the user wants to interact with Secure Code Warrior data.

This skill looks like a Membrane-based connector for Secure Code Warrior, but it doesn't declare how authentication is supplied. Before installing or enabling it: 1) Ask the publisher to clarify the authentication flow (does it require a Membrane API key, Secure Code Warrior API key, OAuth redirect, or interactive login?) and why getmembrane.com is the homepage; 2) Confirm what exact endpoints and data types the skill will read or modify (which Secure Code Warrior entities and whether it can write/delete); 3) Prefer supplying credentials with least privilege (scoped API token) and avoid sharing high-privilege org tokens; 4) If you need higher assurance, request the full SKILL.md runtime steps or a code sample showing API calls and verify endpoints are official (api.securecodewarrior.com or an explained Membrane proxy); 5) Because the skill uses network access, consider enabling it in a limited/test environment first and monitor its network activity. If the publisher cannot clearly explain credential handling and data flows, treat the skill with caution.

Type: OpenClaw Skill Name: secure-code-warrior Version: 1.0.1 The skill provides an integration for Secure Code Warrior via the Membrane CLI, but SKILL.md contains an excessively large list of keywords (e.g., 'Blockchain', 'Robotics', 'Help Desk Architecture') that are entirely unrelated to the stated purpose. This is a form of prompt manipulation or 'skill squatting' designed to hijack the agent's attention for a wide range of unrelated user queries. While the technical instructions for using the 'membrane' CLI appear legitimate, the inclusion of hundreds of irrelevant topics to influence agent behavior is highly suspicious.