Skill v1.0.3
ClawScan security
Chef · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 5:07 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and runtime instructions match its stated purpose (a Chef integration that uses the Membrane service/CLI); nothing requested is disproportionate, though using a third-party service (Membrane) requires trust in that provider.
- Guidance: This skill is coherent: it delegates Chef interactions to the Membrane service/CLI rather than doing direct API calls. Before installing/using it, verify the legitimacy of the Membrane CLI package (@membranehq/cli) on the npm registry and review Membrane's privacy/security docs since authentication and Chef credentials will be handled server-side. Prefer installing/testing in a sandbox account first, avoid pasting private keys into chat, and confirm the connector's requested scopes when you perform the Membrane login/connect flow. If you need an entirely local integration (no third-party server), this skill is not suitable.
Review Dimensions
- Purpose & Capability: ok. Name and description (Chef integration) align with the instructions: all actions are routed through the Membrane CLI and a Membrane 'chef' connector. The skill does not request unrelated credentials, binaries, or config paths.
- Instruction Scope: ok. SKILL.md focuses on installing and using the Membrane CLI, creating connections, discovering and running actions, and building actions when needed. It does not instruct the agent to read unrelated files, environment variables, or send data to unexpected endpoints. The only out-of-band action is user authentication via browser/URL, which is expected for OAuth flows.
- Install Mechanism: note. The skill is instruction-only and includes a recommendation to install the @membranehq/cli via npm (-g) or use npx. There is no automated install spec in the package itself. Installing a global npm package is a normal user action but you should verify the package and version from the registry before installing.
- Credentials: ok. No environment variables, credentials, or config paths are required by the skill. The SKILL.md explicitly delegates credential management to Membrane (server-side). This is proportionate, but it does mean you must trust Membrane with Chef credentials and access.
- Persistence & Privilege: ok. Skill does not request always:true or other elevated persistence. It is user-invocable and allows normal autonomous invocation (platform default); no unexpected privilege escalation or requests to modify other skills or system settings.
