Cloud Foundry
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill is a disclosed Membrane-based Cloud Foundry integration, but it gives the agent broad authenticated Cloud Foundry API access without visible safeguards for high-impact changes.
Install only if you are comfortable granting Membrane-mediated access to your Cloud Foundry environment. Use a least-privilege account, verify the Membrane CLI source, and require explicit review before the agent runs mutating or destructive Cloud Foundry API requests.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent is misdirected or a prompt is ambiguous, it could modify or delete Cloud Foundry apps, routes, services, users, or security settings.
This gives the agent a broad authenticated escape-hatch to the Cloud Foundry API, including methods that can change or delete cloud resources, without visible approval gates or endpoint restrictions in the provided instructions.
you can send requests directly to the Cloud Foundry API through Membrane's proxy... injects the correct authentication headers... HTTP method (GET, POST, PUT, PATCH, DELETE)
Use least-privilege Cloud Foundry credentials, prefer scoped Membrane actions over raw proxy calls, and require explicit user confirmation for POST, PUT, PATCH, or DELETE requests.
Remote setup guidance could steer the agent’s next steps if it is trusted too broadly.
The skill allows remote connection responses to provide instructions to the agent. This can be useful for setup, but the artifact does not say to treat those instructions as untrusted or limit them to the current connection task.
`clientAction.agentInstructions` (optional) — instructions for the AI agent on how to proceed programmatically.
Treat remote agent instructions as advisory only, keep them scoped to connection setup, and ask the user before following instructions that change data or permissions.
The connected account may be used to perform Cloud Foundry actions allowed by its permissions.
The skill depends on delegated Cloud Foundry authentication through Membrane, including automatic credential refresh. This is expected for the integration but gives Membrane-mediated tooling ongoing account authority.
Membrane handles authentication and credentials refresh automatically... injects the correct authentication headers — including transparent credential refresh if they expire.
Connect with the narrowest Cloud Foundry role or space needed, review what Membrane is authorized to access, and revoke the connection when no longer needed.
The behavior of the installed CLI may change over time and is not represented by the scanned skill artifact.
The skill asks users to install a globally available npm CLI at the latest version, while the artifact set contains no reviewed code or pinned package version. This is purpose-aligned but shifts trust to the external npm package.
npm install -g @membranehq/cli@latest
Install from the official package source, consider pinning a known-good CLI version, and keep the CLI updated through trusted channels.