Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Beekeeper

v1.0.2

Beekeeper integration. Manage data, records, and automate workflows. Use when the user wants to interact with Beekeeper data.

by Vlad Ursul @gora050
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to integrate with Beekeeper and its SKILL.md consistently instructs use of the Membrane CLI to manage Beekeeper data — that purpose and capability align. However, the registry metadata does not declare required tooling (node/npm or the membrane CLI) or explicitly note network access, while SKILL.md requires both. This mismatch between declared requirements and runtime instructions is an inconsistency.
Instruction Scope
The SKILL.md is focused and concrete: install the Membrane CLI, run membrane login, create connections, list/run actions, and use membrane request to proxy raw Beekeeper API calls. The instructions do not tell the agent to read local files, arbitrary env vars, or other unrelated data. That said, the 'proxy requests' capability lets the skill send arbitrary API calls (and bodies) through Membrane — which is expected for an integration but also expands what an agent can do and could be used to exfiltrate or mutate data if misused.
Install Mechanism
This is an instruction-only skill (no install spec), but SKILL.md instructs users to run `npm install -g @membranehq/cli` — a global npm install. The skill metadata did not declare required binaries (npm/node) or an install step. Global npm installs modify the host environment and should be declared up front; the lack of an install spec and required-binaries listing is an incoherence and raises moderate risk.
Credentials
The skill requests no environment variables or credentials in metadata and the instructions explicitly state not to ask users for API keys, instead using Membrane-managed connections. Requiring a Membrane account and interactive login is proportional to the stated purpose. No unrelated secrets are requested.
Persistence & Privilege
The skill does not request always:true, no config paths or persistent privileges are declared, and it is user-invocable with normal autonomous invocation allowed. There is no indication it will modify other skills or system-wide agent settings.
What to consider before installing
This skill appears to do what it says (Beekeeper via Membrane) but there are a few things to check before installing:
- Verify you have (or are willing to install) Node/npm and that you trust installing a global npm package (@membranehq/cli) on the host—global installs change system state.
- Confirm the Membrane service (getmembrane.com / @membranehq) and the referenced repository are trustworthy and match the skill publisher; the registry source is 'unknown'.
- Be aware that the skill enables arbitrary proxied API requests via `membrane request` — if the agent or a user supplies unexpected inputs this could send or retrieve any data accessible via your Beekeeper connection. Limit agent network privileges or review actions/requests before running them.
- The metadata omitted required tooling (node/npm) and network access; treat that as a sign to scrutinize runtime behavior and installation steps.
- Prefer creating and reviewing connections interactively (do not paste API keys) and audit what connectors and connection IDs the skill will use.

If you need higher assurance, run the CLI in a sandboxed environment or inspect the official Membrane CLI source before installing.

Like a lobster shell, security has layers — review code before you run it.
