Skill v1.0.2

ClawScan security

Api2Pdf · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Apr 2, 2026, 8:52 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it instructs the agent to use the Membrane CLI to proxy and run Api2pdf actions and does not request unrelated credentials or perform unexpected operations.
Guidance
This skill is coherent with its stated purpose, but review these before installing: (1) The skill relies on the Membrane CLI — installing a global npm package runs third-party code on your machine; verify the package and its source (GitHub repo) if you need higher assurance. (2) Membrane handles authentication and proxies requests to Api2pdf, so Membrane will have access to any API tokens and proxied data — confirm you trust Membrane's security and privacy policies. (3) The browser-based login stores credentials locally via the CLI; use a dedicated account or isolated environment on shared systems. (4) If you need stricter guarantees, inspect the @membranehq/cli source code or run it in a sandbox/VM. Overall the skill is consistent and does not request unexplained credentials or unusual system access.

Review Dimensions

Purpose & Capability
ok
The name/description (Api2pdf integration) aligns with the instructions: all runtime steps show how to use the Membrane CLI to call Api2pdf actions. Nothing in the SKILL.md asks for unrelated services or credentials.
Instruction Scope
note
Instructions are limited to installing/using the Membrane CLI, creating connections, listing/running actions, and proxying requests to Api2pdf. Note: proxying via Membrane means Membrane will see request/response data and holds auth tokens — this is expected but important for user privacy/trust.
Install Mechanism
note
No install spec in the registry (instruction-only), but SKILL.md tells the user to run 'npm install -g @membranehq/cli'. Installing a global npm package is a common pattern but carries the usual risk of executing third-party code on the host; the package appears to be a public npm package (traceable) rather than an arbitrary download.
Credentials
ok
The skill declares no required env vars or credentials; authentication is delegated to the Membrane CLI/browser login flow. This is proportionate, but it means the Membrane account/CLI becomes the gatekeeper for Api2pdf access — users should ensure they trust Membrane with API credentials and data.
Persistence & Privilege
ok
The skill does not request 'always: true' and makes no claims about modifying other skills or system-wide settings. It is user-invocable and uses normal CLI-based auth; no excessive persistence or privileges are requested.