Skill v1.0.2
ClawScan security
Apiary · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 2, 2026, 8:56 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions and requirements align with its stated purpose (using Membrane to interact with Apiary) and it is instruction-only, but it relies on an external CLI/service (Membrane) so users should review that service before use.
- Guidance: This skill is internally consistent: it tells the agent to use the Membrane CLI to manage Apiary and does not request unrelated credentials or file access. Before installing/using it:
  1) Verify you trust Membrane (getmembrane.com) and the npm package @membranehq/cli — data and credentials will be handled by their service and API proxying means request/response bodies transit their infrastructure.
  2) Review the Membrane project's repo and npm package (check package ownership and releases) rather than blindly running npm install -g.
  3) Note the SKILL.md references a possibly unrelated docs link (developers.readme.com) — minor inconsistency; confirm the actual Apiary API behavior when proxying.
  4) If you have strict privacy/compliance needs, avoid sending sensitive data through a third-party proxy or get explicit agreements from your org before use.
Review Dimensions
- Purpose & Capability (ok): The skill claims to integrate with Apiary and all runtime instructions use the Membrane CLI and Membrane connections/proxying to manage Apiary resources — this matches the described purpose. No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope (note): The SKILL.md confines actions to installing and using the @membranehq/cli and Membrane commands (login, connect, action run, request). It does not ask the agent to read local files or unrelated env vars. Important note: the skill instructs the agent to proxy arbitrary Apiary API requests through Membrane (membrane request), which means request payloads and any data sent will transit through Membrane's service — a privacy/trust consideration but coherent with the integration purpose.
- Install Mechanism (ok): There is no platform-level install spec; the SKILL.md recommends installing a well-scoped npm package (@membranehq/cli) via npm install -g. Using an official-sounding npm package is reasonable for this task, but installing global npm packages has the usual supply-chain/privilege implications and users should verify the package/source before installing.
- Credentials (ok): The skill declares no required environment variables or credentials and instructs users to authenticate via Membrane's login flow rather than providing API keys. This is proportionate to the described functionality. Be aware that authentication and credentials are managed server-side by Membrane, so you are delegating credential custody to that service.
- Persistence & Privilege (ok): The skill is instruction-only, always:false, and does not request persistent platform privileges or modify other skills. It does rely on the Membrane account/session the user establishes, which is normal for a connector integration.
