Skill v1.0.2
ClawScan security
Checkvist · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 2, 2026, 8:55 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only wrapper that uses the Membrane CLI to access Checkvist, and its requirements and instructions are consistent with that purpose.
- Guidance: This skill is instruction-only and delegates auth and API access to the Membrane service. Before installing/using it: 1) confirm you trust @membranehq/cli on npm and the Membrane service (they will be able to proxy requests to your Checkvist account and thus access your data); 2) if you prefer not to install a global npm package, use npx or a local install; 3) review permissions requested during the browser login for the Checkvist connector; and 4) consider using an isolated environment (container/VM) if you are cautious about adding global binaries.
Review Dimensions
- Purpose & Capability (ok): Name/description say "Checkvist integration" and the SKILL.md exclusively instructs using the Membrane CLI to connect to Checkvist. No unrelated credentials, binaries, or paths are requested.
- Instruction Scope (ok): Instructions are limited to installing/running the Membrane CLI, creating a connection, listing actions, running actions, and proxying requests to Checkvist via Membrane. They do not request arbitrary file reads, unrelated environment variables, or external endpoints beyond Membrane/Checkvist.
- Install Mechanism (note): The install step recommends npm install -g @membranehq/cli (a public npm package). This is a standard approach but does write a global binary and has the usual npm trust implications; it's proportionate to the skill's functionality.
- Credentials (ok): The skill declares no required env vars or credentials and relies on Membrane for auth. That matches the stated guidance to create a connection rather than storing API keys locally.
- Persistence & Privilege (ok): always is false and the skill is user-invocable. There is no indication it modifies other skills or requires permanent platform-wide presence.
