Skill v1.0.1

ClawScan security

Campay · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 22, 2026, 7:29 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill mostly behaves like a simple Membrane CLI wrapper for a CamPay connector, but there are small inconsistencies (an unexpected Apple Pay docs link), and it instructs users to install and run remote packages via npm/npx, which carries supply-chain risk.
Guidance
This skill appears to be a straightforward set of instructions for using the Membrane CLI to talk to a CamPay connector, but take these precautions before installing or using it:
- Verify the package and source: the SKILL.md tells you to npm install -g @membranehq/cli and uses npx; confirm the package name, publisher, and npm page before installing to avoid malicious or typosquatted packages.
- Use a constrained environment: install and run the CLI in a sandbox, container, or dedicated VM if you are concerned about executing remote code.
- Confirm the connector and data flows: when you run membrane connect and create connections, inspect which permissions/scopes are being requested and what data will be transmitted to Membrane.
- The SKILL.md contains an odd 'Official docs' link to Apple Pay; this looks like a mistake. If unsure, contact the skill author or check the repository/homepage to confirm the intended documentation and connector mapping.
- Do not provide unrelated secrets: the skill explicitly says Membrane manages credentials, so avoid pasting API keys into chat; only follow the documented login flow.
If you need higher assurance, ask the publisher for a canonical repository or signed release for the Membrane CLI and for confirmation that the connectorKey 'campay' is the official CamPay connector.
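The "verify the package and source" step above can be turned into a repeatable check rather than a manual glance at the npm page. The following is an added example, not the skill's or Membrane's own code: it takes the JSON that `npm view <pkg> --json` prints and flags the things the verdict warns about, namely a name that does not match the one you expect (typosquats), maintainers outside a list you trust, a floating version spec such as `@latest` instead of a pinned version, and lifecycle scripts that run code at install time. The embedded sample is constructed to look like that output; the maintainer name, versions, repository URL, and integrity hash are hypothetical, not Membrane's real metadata.

```python
import json
import re

# Constructed sample shaped like `npm view @membranehq/cli --json` (hypothetical values).
SAMPLE_VIEW_JSON = """
{
  "name": "@membranehq/cli",
  "version": "1.4.2",
  "versions": ["1.4.0", "1.4.1", "1.4.2"],
  "maintainers": ["membrane-bot <bot@example.invalid>"],
  "repository": {"type": "git", "url": "git+https://github.com/example/membrane-cli.git"},
  "scripts": {"build": "tsc", "postinstall": "node scripts/telemetry.js"},
  "dist": {"integrity": "sha512-AAAA...", "tarball": "https://registry.npmjs.org/@membranehq/cli/-/cli-1.4.2.tgz"}
}
"""

# name[@spec]; scoped names contain exactly one '/', and '@' only leads the scope.
PKG_SPEC = re.compile(r"^(?P<name>@[^/@]+/[^@]+|[^@]+)(?:@(?P<spec>.+))?$")
EXACT_VERSION = re.compile(r"^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?$")
# npm runs these automatically during install; any of them is arbitrary code execution.
INSTALL_HOOKS = {"preinstall", "install", "postinstall", "prepare"}


def parse_spec(spec):
    """Split 'name@spec' into (name, spec); spec is None when the user gave only a name."""
    m = PKG_SPEC.match(spec)
    if not m:
        raise ValueError(f"not a package spec: {spec!r}")
    return m.group("name"), m.group("spec")


def is_pinned(spec):
    """True only for an exact version; 'latest', '^1.4.0' and a bare name all float."""
    _, ver = parse_spec(spec)
    return ver is not None and EXACT_VERSION.match(ver) is not None


def maintainer_names(view):
    """Normalise maintainers: the CLI prints 'name <email>' strings, the registry API prints objects."""
    names = set()
    for m in view.get("maintainers", []):
        names.add(m["name"] if isinstance(m, dict) else m.split(" <", 1)[0])
    return names


def review_package(view_json, expected_name, trusted_maintainers, requested_spec):
    """Return {'ok', 'findings', 'pin', 'integrity'}; findings are (code, detail) pairs."""
    view = json.loads(view_json)
    findings = []
    name, _ = parse_spec(requested_spec)

    if name != expected_name or view.get("name") != expected_name:
        findings.append(("name-mismatch", f"requested {name!r}, registry says {view.get('name')!r}"))

    unknown = maintainer_names(view) - set(trusted_maintainers)
    if unknown:
        findings.append(("untrusted-maintainer", sorted(unknown)))

    if not is_pinned(requested_spec):
        findings.append(("floating-version", f"pin to {view['version']} and record its integrity hash"))
    else:
        _, ver = parse_spec(requested_spec)
        if ver not in view.get("versions", []):
            findings.append(("unknown-version", ver))

    hooks = INSTALL_HOOKS & set(view.get("scripts", {}))
    if hooks:
        findings.append(("install-hook", sorted(hooks)))

    if not view.get("repository"):
        findings.append(("no-repository", "no source repository declared; ask the publisher for one"))

    return {
        "ok": not findings,
        "findings": findings,
        # What to install instead of '@latest' once the metadata checks out.
        "pin": f"{view['name']}@{view['version']}",
        "integrity": view.get("dist", {}).get("integrity"),
    }


if __name__ == "__main__":
    report = review_package(SAMPLE_VIEW_JSON, "@membranehq/cli", {"membrane-bot"}, "@membranehq/cli@latest")
    for code, detail in report["findings"]:
        print(f"{code}: {detail}")
    print("install:", report["pin"], report["integrity"])
```

In practice, run `npm view @membranehq/cli --json > view.json` and pass the file contents to review_package with the maintainer names you have confirmed out of band; a `floating-version` finding means replacing `npx @membranehq/cli@latest` with the exact version the report prints, and an `install-hook` finding is a reason to read that script (or `npm install --ignore-scripts` inside a container) before trusting it.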

Review Dimensions

Purpose & Capability
note · The name/description map to managing CamPay data, and the SKILL.md consistently instructs use of the Membrane CLI and connectors (connectorKey 'campay'), which is coherent. However, the SKILL.md's 'Official docs' link points to Apple Pay docs (developer.apple.com/apple-pay/), which is unrelated to CamPay and looks like an accidental or misleading reference.
Instruction Scope
ok · All runtime instructions are limited to installing/using the Membrane CLI, creating connections, listing actions, and running actions. The instructions ask the user to authenticate via a browser/code flow and to use membrane commands; they do not request reading arbitrary files or unrelated environment variables.
Install Mechanism
note · This is an instruction-only skill (no install spec), but it tells users to install @membranehq/cli via npm -g and to run npx @membranehq/cli@latest. Pulling code from the npm registry is expected for a CLI, but it carries the normal supply-chain risk (remote package code executed on the machine). There is no automatic installer specified by the skill itself.
Credentials
ok · The skill declares no required environment variables or credentials and instructs users to rely on Membrane-managed connections rather than asking for API keys locally. The requirement of a Membrane account is proportionate to the described workflow.
Persistence & Privilege
ok · always:false is set, and no config paths or other skills' configs are modified. The skill does not request persistent system privileges beyond what installing the Membrane CLI would normally require.