Daily
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: daily Version: 1.0.2 The 'daily' skill bundle provides instructions for an AI agent to manage video and audio calls via the Daily.co platform using the Membrane CLI (@membranehq/cli). While the top-level description contains a minor documentation error (referencing CRM-like entities like 'Deals' and 'Leads'), the functional content correctly focuses on Daily-specific actions such as managing rooms, meetings, and recordings. No evidence of malicious intent, data exfiltration, or unauthorized execution was found in SKILL.md or _meta.json.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may approve or invoke the skill expecting one kind of data management while the skill actually operates on Daily rooms, recordings, meetings, tokens, and participants.
The stated description points to CRM-style data, but the actual instructions and actions are for Daily video infrastructure and include room/recording operations. This mismatch could mislead a user or agent about what account data the skill will affect.
description: ... Manage Persons, Organizations, Deals, Leads, Projects, Activities and more ... Daily is a platform for adding video and audio calls ... Delete Recording ... Delete Room
Correct the description to match Daily video/audio capabilities and clearly list the types of Daily resources the skill can read or modify.
If used carelessly, the agent could alter Daily account configuration, delete recordings or rooms, create tokens, or eject participants.
The skill provides an authenticated raw API proxy and lists destructive or disruptive Daily actions, but does not state limits, confirmation requirements, or recovery guidance for delete/eject/update operations.
membrane request CONNECTION_ID /path/to/endpoint ... HTTP method (GET, POST, PUT, PATCH, DELETE) ... Delete Recording ... Delete Room ... Eject Participant
Require explicit user confirmation for destructive or mutating actions, prefer scoped prebuilt actions over raw proxy calls, and document safe-use boundaries.
The skill can act through the user's connected Daily account, subject to whatever permissions that connection has.
The integration requires delegated Membrane/Daily authentication and ongoing credential refresh. This is expected for the service, but it grants account-level authority through the connection.
Membrane handles authentication and credentials refresh automatically ... membrane login --tenant ... membrane connect --connectorId=CONNECTOR_ID --json
Use the least-privileged Daily/Membrane account available and review the connection permissions before using mutating actions.
Installing a global CLI gives that package code execution on the user's machine during install and later command use.
The skill instructs installing an external global npm CLI package. This is disclosed and purpose-aligned, but the package is not pinned in the artifact.
npm install -g @membranehq/cli
Install only from the official npm package/source, consider pinning a known version, and verify the publisher before installation.
Daily request data and returned meeting, participant, room, or recording metadata may pass through Membrane infrastructure.
The skill routes Daily API calls through Membrane's proxy/gateway, which is disclosed and expected, but it creates a third-party trust boundary for API requests and responses.
send requests directly to the Daily API through Membrane's proxy ... injects the correct authentication headers — including transparent credential refresh
Use this only if the user accepts Membrane as the broker for Daily API access and avoid sending unnecessary sensitive data through raw proxy calls.