Skill v1.0.3

ClawScan security

Document360 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 2:04 PM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's declared purpose (Document360 integration) matches its instructions (use the Membrane CLI to connect and run Document360 actions); it asks for no unrelated credentials or config, but it instructs installing a third‑party CLI which you should verify before running.
Guidance
This skill appears to do what it says: it uses the Membrane CLI to connect to Document360 and run actions. Before installing or running commands: verify the Membrane CLI package on npm (package owner, repo URL, recent versions), confirm the getmembrane.com homepage/repo are legitimate, and be aware that logging in and creating a connection grants the Membrane service access to your Document360 data. Prefer creating a least-privilege connection or dedicated account for integrations and avoid running global npm installs on sensitive/shared systems without review.

Review Dimensions

Purpose & Capability
ok: Name/description (Document360 integration) align with the runtime instructions: all actions are performed via the Membrane CLI and the skill documents how to connect, discover actions, and run them. There are no unrelated required env vars, binaries, or config paths.
Instruction Scope
ok: SKILL.md stays within the integration scope: it instructs installing and using the Membrane CLI, performing login, creating a connection for the Document360 connector, listing/creating actions, and running them. It does not instruct reading arbitrary system files or unrelated credentials. It does require interactive login (or user-assisted headless auth).
Install Mechanism
note: This is an instruction-only skill but instructs installing a global npm package (`npm install -g @membranehq/cli@latest`). Installing a third-party CLI from the npm registry is a reasonable way to get a tool, but it introduces the usual risks of installing remote code (verify package ownership, checksum, and source). No inline download URLs or extracts are present.
Credentials
ok: The skill declares no required environment variables or credentials. Authentication is delegated to Membrane's CLI flow; this is proportionate for a connector-based integration. Note: granting Membrane access to your Document360 account gives that intermediary the ability to access your documentation data, so trust in Membrane (and any created connection) is required.
Persistence & Privilege
ok: The skill does not request persistent/always-on inclusion and provides no install script. It does not ask to modify other skills or system-wide agent configuration. Installation is user-driven via npm.