Back to skill
Skillv1.0.3
ClawScan security
Claid Ai · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 22, 2026, 12:47 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions, requirements, and install steps are coherent with a Membrane-backed Claid AI integration; nothing requested is out-of-scope for the described purpose.
- Guidance
- This skill looks coherent with its stated purpose, but before installing: 1) Verify the @membranehq/cli npm package and the publisher (scope @membranehq) to ensure it's the official CLI you expect. 2) Prefer using npx or a pinned version instead of a global 'latest' install to avoid unexpected updates. 3) Review what scopes/permissions the Membrane connection requests during 'membrane login' and what data will be sent to Claid AI (images may be uploaded to an external service). 4) If you are in a sensitive environment, consider running the CLI inside an isolated environment/container. If you want, provide the Membrane/NPM package URL or your security policy and I can help check the package provenance and connection scopes.
Review Dimensions
- Purpose & Capability
- okThe name/description (Claid AI integration for image optimization/workflows) match the SKILL.md: it instructs the agent to use the Membrane CLI to connect to a 'claid-ai' connector, discover actions, create actions, and run them. Required resources (network, Membrane account) are appropriate and expected.
- Instruction Scope
- okSKILL.md restricts runtime actions to installing/using the Membrane CLI, performing login via browser or headless code flow, creating/listing/running actions, and polling for build state. It does not instruct reading unrelated files, accessing unrelated environment variables, or exfiltrating data to unexpected endpoints. It explicitly advises against asking users for API keys.
- Install Mechanism
- noteInstallation is instruction-only but directs installing @membranehq/cli via 'npm install -g ...' or using npx. npm global unpinned 'latest' usage is common but has moderate risk (package updates change over time). No downloads from arbitrary URLs or extract steps are present. Consider verifying the npm package and its provenance before global installation.
- Credentials
- okThe skill declares no required environment variables or local config paths. It relies on Membrane to manage credentials server-side, which is proportionate for a connector-based integration. The login flow is standard for CLI-based auth.
- Persistence & Privilege
- okThe skill is instruction-only, does not request 'always: true', and does not modify other skills or system-wide settings. It assumes user-driven CLI install and login, so it has normal, limited persistence and privilege.