v1.0.4

Drata

SuspiciousClawScan verdict for this skill. Analyzed Apr 30, 2026, 4:42 PM.

Analysis

This appears to be a Drata/Membrane integration, but it requests sensitive OAuth-style access and describes broad management of compliance data without clear action limits.

Guidance: Before installing, verify the publisher and repository, confirm exactly which Drata or Membrane OAuth scopes are requested, and use the least-privileged account available. Treat this as a sensitive compliance integration and require explicit confirmation before the agent changes records, access requests, keys, service accounts, risks, vendors, or reports.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: Medium | Status: Concern
SKILL.md
Manage Controls, Standards, Objectives, Reports, Persons, Risks and more.

The skill describes broad management authority over Drata objects, but the artifacts do not define approval gates, read-only defaults, write limits, or rollback expectations for high-impact operations.

User impact: A mistaken or overbroad agent action could change important compliance, personnel, reporting, or risk records.
Recommendation: Use least-privilege access, prefer read-only scopes where possible, and require explicit user confirmation before any create, update, delete, access-request, or change-request action.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: Medium | Status: Note
metadata
Source: unknown

The skill has no install code or dependencies, but the listed source is unknown, so publisher/provenance should be verified before granting sensitive integration access.

User impact: A user may have less assurance about who maintains the integration before connecting sensitive compliance accounts.
Recommendation: Verify the owner, repository, and expected Membrane/Drata relationship before authorizing credentials.
Cascading Failures
Severity: Medium | Confidence: Medium | Status: Concern
SKILL.md
Control ... Report ... Vendor ... Risk ... Service Account ... Key ... Access Request ... Change Request

The listed Drata object types include organization-wide compliance, access, vendor, risk, and account-security records; changes to these records can affect audits, reporting, workflows, and teams if not contained.

User impact: One incorrect agent action could propagate into compliance reports, access workflows, vendor reviews, or audit records.
Recommendation: Use limited scopes, test in non-production where possible, and require confirmation for changes that affect reports, people, access, vendors, risks, or keys.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
metadata
Primary credential: none ... Capability signals: requires-oauth-token; requires-sensitive-credentials

The credential contract is inconsistent: requirements do not declare a primary credential, while capability signals indicate OAuth and sensitive credentials are required.

User impact: Users may grant sensitive Drata or Membrane account access without a clear statement of required scopes or privilege boundaries.
Recommendation: Confirm the exact OAuth provider, requested scopes, account role, and revocation path before use; avoid admin-level tokens unless strictly necessary.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: Medium | Status: Note
SKILL.md
compatibility: Requires network access and a valid Membrane account

The skill relies on an external networked Membrane account for a Drata integration, so users should understand the provider and data boundary for sensitive compliance data.

User impact: Sensitive Drata compliance data may be accessed through an external integration account or provider boundary.
Recommendation: Confirm how Membrane connects to Drata, what data is transmitted, and which account identity performs actions.