Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Chatbot Builder

v1.0.2

Chatbot Builder integration. Manage data, records, and automate workflows. Use when the user wants to interact with Chatbot Builder data.

by Vlad Ursul @gora050
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's described purpose (Chatbot Builder integration) matches the runtime instructions, which use the Membrane CLI and account access. However, the registry metadata declares no required binaries while the SKILL.md explicitly instructs installing and running the `membrane` CLI. This is an inconsistency: the CLI should have been declared in requires.binaries.
Instruction Scope
The SKILL.md stays within the stated domain (using Membrane to list/connect/run Chatbot Builder actions). It also documents a generic `membrane request CONNECTION_ID /path/to/endpoint` proxy mechanism, which can send arbitrary requests to upstream APIs through Membrane. That behavior is expected for a proxy-enabled integration but is also a broader capability: an agent could be instructed (or act autonomously) to issue arbitrary API calls and transmit data externally.
Install Mechanism
There is no formal install spec in the registry, but the instructions direct the user to install `@membranehq/cli` via `npm install -g`. Installing a global npm CLI will add executable code to the system — this is common and traceable (npm package @membranehq/cli) but should be treated as a non-trivial installation step and verified before running.
Credentials
No environment variables, secrets, or unrelated credentials are requested by the skill. SKILL.md explicitly recommends letting Membrane handle credentials and not asking users for API keys, which is proportionate to the described purpose.
Persistence & Privilege
The skill does not request always:true or other elevated persistence. Autonomous invocation is allowed by default (platform normal), and the skill does not declare modifications to other skills or system-wide settings.
What to consider before installing
- Metadata mismatch: SKILL.md requires the `membrane` CLI but the registry metadata lists no required binaries. Confirm you are comfortable installing and running the CLI before proceeding.
- Verify the package: review the `@membranehq/cli` npm package (publisher, repository, recent releases) and the homepage (https://getmembrane.com) to ensure you trust the source.
- Network & proxy risk: the skill can proxy arbitrary API calls via `membrane request`. That is expected for integrations, but it also means an agent (or a skill invoked autonomously) could issue arbitrary external requests or transmit data. Limit use in sensitive environments or require human approval for actions that could exfiltrate data.
- Use a sandbox for first-use: install and test the CLI in an isolated environment (container or VM) to observe behavior and outputs.
- Account scope: check what permissions your Membrane/Chatbot Builder connection grants. Use least-privilege / test accounts where possible.
- If you need higher assurance: ask the publisher for a declared requires.binaries entry, an official install script or signed release, and/or sample outputs for the commands the skill will run.

Given the small but real inconsistencies and the proxy capability, proceed only after these checks or consider running the skill with manual invocation rather than unrestricted autonomous access.

Like a lobster shell, security has layers — review code before you run it.
