ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Docsgenflow

v1.0.2

DocsGenFlow integration. Manage Documents, Users, Workspaces. Use when the user wants to interact with DocsGenFlow data.

0· 112·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (DocsGenFlow integration) match the instructions: all runtime steps use the Membrane CLI to discover connectors, create connections, run actions, and proxy API calls to DocsGenFlow. There are no unrelated credential requests, binaries, or config paths.
Instruction Scope
Instructions are narrow and focused on installing and using the Membrane CLI, logging in, creating a connection, listing actions, running actions, and proxying requests. They do direct the user/agent to perform arbitrary proxied API calls (membrane request), which is expected for an integration but effectively grants the agent the ability to call any endpoint available through the connection—so trust in Membrane and careful choice of connection scopes matter.
Install Mechanism
This is an instruction-only skill (no install spec), but it tells users to run `npm install -g @membranehq/cli`. Installing a global npm package is a normal approach, but it requires trusting the package publisher and modifies the host environment. The skill itself does not automatically install anything.
Credentials
The skill declares no required env vars or local secrets. Authentication is delegated to Membrane (browser login / server-side credential management). This is proportionate, but it means credentials are stored/managed by Membrane—users should be aware and comfortable with that.
Persistence & Privilege
always is false and there is no install-time persistence or config mutation described. The skill does allow normal autonomous invocation (platform default), which is expected for skills; nothing here indicates elevated or permanent privileges beyond that.
Assessment
This skill appears to do what it says: it uses the Membrane CLI as a proxy to operate on DocsGenFlow resources. Before installing/using it: (1) verify and trust the @membranehq/cli npm package (check the publisher and package repository), because `npm install -g` runs code on your machine; (2) understand that Membrane will hold and manage your DocsGenFlow credentials and proxy API traffic—review Membrane's privacy/security docs and connection scopes; (3) be cautious when allowing the agent to run arbitrary `membrane request` calls since those can access any endpoint permitted by the connection; and (4) avoid using this with highly sensitive accounts unless you trust Membrane and you’ve audited the connector scopes. If you want higher assurance, ask the skill author for a signed source repository or an install spec that pins a vetted release.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dq8sbk0ved9e2z9n5qfv6th843xc7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments