Skill v1.0.1
ClawScan security
Beebole · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 21, 2026, 11:06 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill behaves like a wrapper around the Membrane CLI for Beebole and is mostly coherent, but the package metadata omits the fact that the Membrane CLI (npm global package) must be installed and the skill requires trusting the Membrane service with your Beebole credentials — this mismatch and third-party trust requirement merit caution.
- Guidance: Before installing or using this skill:
  1. Be aware the SKILL.md requires you to install the Membrane CLI via npm (global install). The registry metadata does not list this dependency — ask the publisher to declare it.
  2. Using the skill requires authenticating to Membrane and granting it access to your Beebole account; verify you trust Membrane (review https://www.npmjs.com/package/@membranehq/cli and the GitHub repo linked in the SKILL.md) and understand the permissions granted.
  3. Consider installing the CLI in an isolated environment (container/VM) if you are cautious about global npm packages.
  4. If you need higher assurance, request an explicit install spec in the skill metadata and a signed source for the CLI, or review the CLI source code before use.
Review Dimensions
- Purpose & Capability (concern): The SKILL.md clearly declares the skill is a Beebole integration that operates via the Membrane CLI. However the registry metadata claims no required binaries or install steps. In practice the skill requires installing the @membranehq/cli npm package and network access to Membrane and Beebole. The stated purpose (Beebole integration) matches the instructions, but the metadata omission about required tooling is an incoherence.
- Instruction Scope (ok): The instructions are narrowly scoped to using the Membrane CLI to create a connection, discover or build actions, and run them. They do not instruct reading arbitrary local files, accessing unrelated environment variables, or contacting unexpected endpoints beyond Membrane/Beebole. The runtime flow requires interactive or headless login via a browser/URL code exchange.
- Install Mechanism (concern): There is no formal install spec in the registry, but SKILL.md tells users to run `npm install -g @membranehq/cli@latest`. Installing an npm global package is a moderate-risk install mechanism (from the public npm registry). The install requirement is not declared in the skill metadata, which is an inconsistency that should be fixed. No downloads from untrusted URLs are present in the instructions.
- Credentials (note): The skill does not request local environment variables or secrets in metadata (consistent). However it centralizes auth through Membrane: you authenticate to Membrane, which will manage Beebole credentials server-side. That means you must trust Membrane with access to your Beebole account — a legitimate design choice but a notable third-party trust and privacy consideration.
- Persistence & Privilege (ok): The skill is not forced-always, does not request elevated persistent presence, and does not modify other skills or system-wide settings. It appears to be an instruction-only skill that delegates work to Membrane.
