v1.0.2

Brainshop

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 7:50 AM.

Analysis

The BrainShop integration is coherent, but it gives the agent broad authenticated API access through Membrane, including raw requests that can mutate or delete BrainShop data, so users should review its scope before installing.

GuidanceInstall only if you trust Membrane and want an agent to manage BrainShop through your account. Prefer prebuilt Membrane actions, require confirmation before training, creating, updating, deleting, or using raw proxy requests, and use the least-privileged BrainShop/Membrane connection available.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityMediumConfidenceHighStatusConcern

SKILL.md

When the available actions don't cover your use case, you can send requests directly to the BrainShop API through Membrane's proxy... HTTP method (GET, POST, PUT, PATCH, DELETE).

This provides a raw authenticated API escape hatch, including destructive methods, without clear limits, confirmation requirements, or endpoint scoping.

User impactAn agent using this skill could make broad authenticated BrainShop API calls, including updates or deletions, if it chooses the proxy path.

RecommendationUse only with a BrainShop account you are comfortable delegating, and require explicit user confirmation for create, train, update, delete, or raw proxy requests.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

SKILL.md

Install the Membrane CLI so you can run `membrane` from the terminal: npm install -g @membranehq/cli

The skill depends on a globally installed npm CLI, while the registry lists no required binaries or install spec. This appears purpose-aligned, but users should notice the external dependency.

User impactInstalling the skill may require adding a global command-line package to the local environment.

RecommendationInstall the Membrane CLI from the official package source and keep it updated; avoid installing if you do not trust that dependency.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityLowConfidenceHighStatusNote

SKILL.md

Membrane handles authentication and credentials refresh automatically... membrane login --tenant... The user completes authentication in the browser.

The skill requires delegated Membrane and BrainShop account access with managed credential refresh. This is expected for the integration, but it is sensitive authority.

User impactThe skill can act through the connected BrainShop account using Membrane-managed authentication.

RecommendationConnect only the intended BrainShop account and review what permissions the Membrane connection receives.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication

SeverityLowConfidenceMediumStatusNote

SKILL.md

Membrane automatically appends the base URL to the path you provide and injects the correct authentication headers... Membrane manages the full Auth lifecycle server-side with no local secrets.

Requests and authentication flow through Membrane as an intermediary gateway to BrainShop. This is disclosed and expected, but it is a data and authorization boundary users should understand.

User impactBrainShop request data and delegated authentication are handled through Membrane rather than only locally.

RecommendationAvoid sending unnecessary sensitive data through the integration and review Membrane's account and connection settings.