Skill v1.0.2
ClawScan security
Chatsonic · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 2, 2026, 8:55 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only Chatsonic integration that consistently relies on the Membrane CLI and a Membrane account; its requirements and instructions align with its stated purpose.
- Guidance: This skill is coherent but depends on the third-party Membrane service. Before using it: 1) Verify you trust Membrane (review the @membranehq/cli package on the npm registry and the company/site), because Membrane will hold Chatsonic credentials and proxy requests. 2) Installing the CLI globally requires npm permissions—install it deliberately and review what the package does if concerned. 3) Do not provide Chatsonic/API keys directly to the agent; follow the SKILL.md workflow to create a connection via Membrane. 4) If you require stricter privacy, confirm Membrane's data handling and retention policies or consider using a direct Chatsonic integration that you control.
- Findings: [no_regex_findings] expected: No code files were present; the scanner had nothing to analyze. This is expected for an instruction-only SKILL.md. Evaluate security based on the instructions and external service trust instead.
Review Dimensions
- Purpose & Capability: ok. The skill's name and description describe Chatsonic integration and every required action in SKILL.md is about using the Membrane CLI to connect and operate on Chatsonic connectors. There are no unrelated environment variables, binaries, or config paths requested.
- Instruction Scope: ok. Runtime instructions are explicit: install @membranehq/cli, run membrane login, create/connect to a Chatsonic connector, list/run actions, or proxy requests via membrane request. The instructions do not ask the agent to read unrelated files or environment variables, nor to exfiltrate data to unexpected endpoints.
- Install Mechanism: note. The SKILL.md instructs installing the Membrane CLI via npm (npm install -g @membranehq/cli). This is a normal distribution method but does require global npm installation privileges and trust in the @membranehq package and its registry publishing account. The skill itself has no automatic install spec in the registry (instruction-only).
- Credentials: note. The skill declares no required environment variables or local credentials and explicitly advises not to ask users for API keys. However, it depends on a Membrane account and the Membrane service will hold and use credentials for Chatsonic on the user's behalf; trusting Membrane's handling of those secrets is required.
- Persistence & Privilege: ok. The skill is user-invocable, not always-enabled, and has no install-time components written by the registry. It does not request persistent privileges or modify other skills or system-wide configuration.
