Skill v1.0.1
ClawScan security
Aloha Pos · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 7:28 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it instructs the agent to use the Membrane CLI to interact with Aloha POS, asks for interactive login via Membrane (no raw API keys or unrelated credentials), and has no hidden installs or file accesses in its instructions.
- Guidance: This skill looks coherent and focused: it delegates auth and API calls to the Membrane service and uses the Membrane CLI to interact with Aloha POS. Before installing or running commands: verify you trust the Membrane project (homepage and npm package owner), prefer npx for one-off use rather than a global npm install, perform the interactive login in a browser you control, and only create connections for systems you trust. Because the CLI executes code from the npm registry, if you care about supply-chain risk, review @membranehq/cli's repository and package metadata first. If you want even lower risk, run these steps in an isolated environment (container/VM) rather than your primary workstation.
Review Dimensions
- Purpose & Capability (ok): Name/description (Aloha POS integration) match the runtime instructions: the SKILL.md consistently instructs using the Membrane CLI to create a connection, discover actions, and run them against Aloha POS. There are no extraneous credentials, binaries, or unrelated service requirements declared.
- Instruction Scope (ok): Instructions are narrowly scoped to installing/using the Membrane CLI, authenticating via Membrane's interactive flow, creating connections, listing actions, and running actions. The skill does not instruct the agent to read arbitrary files, access unrelated environment variables, or transmit data to endpoints outside Membrane/Aloha contexts.
- Install Mechanism (note): This is an instruction-only skill (no automated install). It recommends installing @membranehq/cli via npm (global or npx). Recommending npm is reasonable for a CLI, but global npm installs require administrative privileges and execute code from the npm registry; users should verify the package source (official @membranehq) and consider using npx to avoid a global install.
- Credentials (ok): SKILL.md requires a Membrane account and network access but declares no other environment variables or keys. Authentication is handled by Membrane's interactive flow (no request for raw API keys or unrelated credentials), which is proportionate to the stated purpose.
- Persistence & Privilege (ok): Skill is not marked always:true and has no install script or code that persistently changes agent/system configuration. Autonomous invocation is allowed (platform default) but not combined with other concerning privileges.
