Skill v1.0.3
ClawScan security
Algolia Search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 2:08 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent: it delegates Algolia access to the Membrane CLI, asks the user to install and authenticate that CLI, and does not request unrelated credentials or system access—but it requires trusting the Membrane service and the npm package you install.
- Guidance
- This skill appears coherent, but before installing: (1) confirm you trust Membrane as a third party — the service will hold your Algolia credentials and mediate API calls; (2) verify the npm package (@membranehq/cli) provenance (org, npm page, GitHub) before running npm install -g; (3) prefer non-global installs (npx or local project) if you want to avoid system-wide changes or privilege escalation; (4) be cautious when following any browser auth flow and only paste codes into the official membrane CLI; (5) if you require stronger control over credentials, consider using your own tooling or a vetted integration that stores keys in your own environment.
Review Dimensions
- Purpose & Capability
- ok: The name/description (Algolia Search) match the runtime instructions: the SKILL.md tells the agent to use the Membrane CLI to create connections and run Algolia-related actions. No unrelated environment variables, binaries, or config paths are requested.
- Instruction Scope
- ok: Instructions are scoped to installing @membranehq/cli, running membrane login/connect/action commands, and using Membrane to manage Algolia actions. The doc does not instruct the agent to read arbitrary local files, access unrelated credentials, or exfiltrate data. It does rely on an interactive/URL-based login flow (user must open a browser and paste a code in headless environments).
- Install Mechanism
- note: There is no packaged installer in the skill; the SKILL.md recommends npm install -g @membranehq/cli@latest. Installing a global npm package is a reasonable way to get a CLI but carries moderate risk: npm packages run arbitrary code at install time and require trust in the package and registry. This is expected for a CLI-driven integration but is a trust & provenance consideration.
- Credentials
- ok: The skill declares no required env vars or credentials and relies on Membrane to manage Algolia credentials server-side. That is proportionate to its purpose. Note: relying on Membrane means you must trust that service to store and use your Algolia API keys appropriately.
- Persistence & Privilege
- ok: The skill is instruction-only, has always:false, and does not request persistent or system-wide privileges. It does not modify other skills or system settings according to the provided content.
