Skill v1.0.3

ClawScan security

Assembla · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 3:09 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions, requirements, and behavior are coherent with an Assembla integration that uses the Membrane CLI as a proxy; nothing requested is disproportionate to that purpose.
Guidance
This skill delegates Assembla access to the Membrane CLI. If you plan to use it:
1) Only install the @membranehq/cli if you trust that publisher or run it in a sandbox/container to limit system effects; global npm installs modify your PATH.
2) During 'membrane login' you'll authorize Membrane to access external services—review the permissions and where tokens are stored; revoke connections when no longer needed.
3) Be aware that the agent (when invoked) can run Membrane actions on your behalf, so only enable the skill for trusted agents and workflows.
If you need stricter isolation, run Membrane and its actions from an environment you control (CI/job container or local machine) rather than giving broad agent runtime permissions.

Review Dimensions

Purpose & Capability
ok: The skill advertises Assembla integration and all runtime instructions show use of the Membrane CLI to access Assembla (connectorKey assembla). Requiring the Membrane CLI and using it to create a connection is consistent with the stated purpose.
Instruction Scope
note: SKILL.md instructs installing and using the Membrane CLI, running login flows that open a browser (or provide a headless URL/code), creating connections, listing and running actions, and creating actions when needed. The instructions stay within the domain of integrating with Assembla and do not ask the agent to read unrelated files or exfiltrate data. Note: the login flow will result in long-lived connection tokens stored/managed by Membrane—users should be aware of where those tokens are stored and what permissions are granted.
Install Mechanism
note: There is no packaged install spec in the skill bundle (instruction-only). The SKILL.md recommends installing @membranehq/cli via 'npm install -g ...' which pulls from the public npm registry. This is a standard, expected mechanism for a CLI dependency but carries the usual moderate risk of global npm installs (writes binaries globally, network download).
Credentials
ok: The skill declares no required environment variables or credentials. Authentication is performed interactively via the Membrane CLI/browser flow. No unrelated secrets or config paths are requested in the instructions.
Persistence & Privilege
ok: The skill is not forced-always, and it does not request system-wide configuration changes in the SKILL.md. Autonomous invocation is allowed by default (platform normal), which would let the agent call Membrane actions when invoked — appropriate for a connector skill. There is no indication it modifies other skills or system-wide agent settings.