Skill v1.0.3
ClawScan security
Coupa Pay · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Apr 22, 2026, 1:51 PM)
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, dependencies, and scope align with its stated purpose (a Coupa Pay integration via the Membrane CLI); nothing requested appears disproportionate or unrelated.
- Guidance: This skill appears coherent: it uses the Membrane CLI to access Coupa Pay and asks only for a Membrane account. Before installing: (1) verify the @membranehq/cli package on the npm registry and the publisher (or use npx for one-off commands), (2) review the OAuth/consent screen when authenticating to Membrane to understand what access you'll grant, and (3) avoid pasting any unrelated API keys or secrets into prompts. If you need higher assurance, request a provenance link for the exact CLI release (npm package page or GitHub release) before installing globally.
Review Dimensions
- Purpose & Capability (ok): The skill claims to integrate with Coupa Pay and its SKILL.md exclusively instructs the agent to use the Membrane CLI and Membrane-managed connectors (e.g., connectorKey coupa-pay) to discover and run actions. Required network access and a Membrane account are consistent with that purpose.
- Instruction Scope (ok): Runtime instructions are narrowly scoped to installing/using the Membrane CLI, creating a connection, discovering actions, building actions, and running actions. There are no directives to read unrelated local files, access unrelated environment variables, or exfiltrate data to unexpected endpoints.
- Install Mechanism (note): This is an instruction-only skill (no install spec in metadata) that tells the user to install @membranehq/cli from npm (npm install -g or npx usage). Installing a global npm package runs third-party code and carries moderate supply-chain risk, but it is proportionate to the stated functionality (a CLI integration). Verify the package and publisher before installing.
- Credentials (ok): The skill declares no required environment variables or credentials and explicitly instructs not to ask users for API keys (it relies on Membrane-managed auth). Requiring a Membrane account is justified by the CLI usage.
- Persistence & Privilege (ok): The skill does not request permanent presence (always:false) and does not instruct modification of other skills or system-wide settings. It relies on standard Membrane login flows that may store credentials for the CLI; this is expected behavior for a CLI-based integration.
