Skill v1.0.3
ClawScan security
Contentking · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 11:02 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions match its ContentKing integration purpose, but there are small inconsistencies (notably an undeclared npm dependency and a network/CLI install step) you should be aware of before installing.
- Guidance: This skill appears to do what it says (connect to ContentKing via Membrane), but note two practical issues before installing: (1) the SKILL.md requires installing the @membranehq/cli with npm and a Membrane account, yet the registry metadata lists no required binaries or installs; confirm you have and trust npm/node and the Membrane CLI publisher; (2) installing a global npm package executes third-party code on your machine; consider running the install in a sandbox or VM, inspect the package (npmjs page, repository, and recent maintainers/versions), and verify the GitHub repo and publisher identity (https://github.com/membranedev/application-skills and https://getmembrane.com). Do not provide raw API keys to the skill; follow the documented browser-based login flow. If you want higher assurance, ask the publisher to add an explicit install spec and required-binaries (npm/node) to the registry entry and provide a signed release or vetted package source.
Review Dimensions
- Purpose & Capability (note): Name and description match a ContentKing integration and the SKILL.md focuses on using Membrane to access ContentKing. However, the registry metadata claims no required binaries or install steps while the instructions explicitly require installing the @membranehq/cli via npm and a Membrane account; this is a mismatch between declared requirements and actual runtime needs.
- Instruction Scope (ok): The SKILL.md instructs the agent to install and use the Membrane CLI to authenticate, create a connection to ContentKing, discover and run actions, and create actions when needed. All commands and file/credential access are within the stated integration scope and do not ask for unrelated system data or secrets.
- Install Mechanism (note): Installation is instruction-only but the SKILL.md directs users to run a global npm install of @membranehq/cli@latest. Installing from the public npm registry is a common pattern but is higher-risk than instruction-only skills because it writes code to disk; the registry metadata did not include an install spec, which is an inconsistency worth flagging.
- Credentials (ok): The skill does not request environment variables, credential files, or secrets in its metadata. The SKILL.md explicitly advises against asking users for API keys and uses Membrane to manage auth, which is proportionate to the stated purpose.
- Persistence & Privilege (ok): always is false and the skill does not request persistent or cross-skill configuration. The agent can invoke the skill autonomously (default), which is normal for skills and is not by itself a concern.
