Docker Hub
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is a coherent Docker Hub integration, but it gives the agent broad authenticated Docker Hub API access, including write/delete methods, without clear guardrails.
Use this skill only if you trust Membrane and are comfortable granting Docker Hub access. Prefer a least-privileged Docker Hub account, review or pin the CLI install, and require explicit confirmation before any repository, organization, team, or delete operation.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or over-broad agent request could alter or delete Docker Hub repositories, tags, organization settings, teams, or memberships.
This exposes a broad authenticated API escape hatch, including mutating and delete methods, without artifact-stated limits, confirmations, or containment for high-impact Docker Hub account changes.
When the available actions don't cover your use case, you can send requests directly to the Docker Hub API through Membrane's proxy... HTTP method (GET, POST, PUT, PATCH, DELETE).
Require explicit user confirmation before write, delete, or membership changes; prefer scoped prebuilt actions; and use a least-privileged Docker Hub connection where possible.
The agent may be able to act with the permissions of the connected Docker Hub account.
The skill requires delegated account access and persistent credential refresh, which is expected for a Docker Hub integration but gives the connected account's Docker Hub authority to the workflow.
Membrane handles authentication and credentials refresh automatically
Review the requested connection permissions, use a limited account or token if available, and revoke the Membrane/Docker Hub connection when it is no longer needed.
Future CLI versions could behave differently from the version reviewed here.
The setup uses a global npm installation with the moving @latest tag. This is central to the skill's stated Membrane workflow, but it means the installed code can change over time.
npm install -g @membranehq/cli@latest
Verify the npm package source, consider pinning a known CLI version, and install it in an environment appropriate for third-party tooling.
Docker Hub request details and possibly sensitive payloads may pass through Membrane's infrastructure.
Docker Hub API requests and authentication handling are routed through Membrane as a third-party proxy/gateway. This is disclosed and purpose-aligned, but it is an important data boundary.
send requests directly to the Docker Hub API through Membrane's proxy. Membrane automatically appends the base URL to the path you provide and injects the correct authentication headers
Review Membrane's privacy and security posture, avoid sending unnecessary secrets in request bodies, and use dedicated connections for sensitive Docker Hub accounts.