Easy Project
Review
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent Easy Project integration, but it exposes broad create, update, delete, and admin-capable actions without clear approval limits in the provided instructions.
Install only if you are comfortable connecting Easy Project through Membrane. Use a least-privileged or test account where possible, verify the Easy Project domain, have the agent show the exact action and parameters before running anything, and require explicit confirmation for deletes, updates, project creation, time-entry changes, or admin user actions.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could change or delete Easy Project business data, or modify users, if the connected account has those rights.
The skill teaches broad action discovery and execution for an authenticated Easy Project connection and lists destructive or admin-capable mutations. The provided artifact does not show explicit approval, scoping, preview, or rollback guidance for those high-impact actions.
Examples show `membrane action list --connectionId=CONNECTION_ID --intent "QUERY" ...` and `membrane action run <actionId> --`; the popular-action table includes `create-project`, `update-project`, `delete-project`, `create-user`/`update-user` (requires admin privileges), and `delete-issue`.
Require explicit user confirmation before create, update, delete, or admin actions; preview target IDs and payloads; use a least-privilege Easy Project account; and scope actions to the user-requested project.

The integration may be able to act as the authenticated Easy Project user until the connection is revoked or expires.
The skill clearly relies on delegated authentication and credential refresh through Membrane. This is expected for the integration, but it gives the connected workflow ongoing account-level authority.
“Membrane handles authentication and credentials refresh automatically” and `membrane login --tenant --clientName=<agentType>`.
Use a least-privilege Easy Project account, verify the connection domain, avoid admin credentials unless needed, and revoke the Membrane connection when finished.

Future CLI or generated connector behavior could differ from what was reviewed in this instruction-only artifact.
The skill depends on an external, globally installed CLI at the latest version and may use automatically built connector behavior that is not present in the submitted artifact. This is disclosed and central to the Membrane workflow, but users must trust that external supply chain.
`npm install -g @membranehq/cli@latest` and “If no app is found, one is created and a connector is built automatically.”
Install the CLI from the official source, consider pinning a known version, review the connection that Membrane creates, and avoid connecting untrusted or unintended domains.

If followed blindly, remote setup instructions could influence the agent’s next steps beyond what the user intended.
The connection workflow can return remote instructions meant for the agent. This is purpose-aligned setup guidance, but such instructions should remain subordinate to the user’s request and safety rules.
`clientAction.agentInstructions` (optional) — instructions for the AI agent on how to proceed programmatically.
Treat returned agent instructions as untrusted guidance, follow them only when they match the user’s goal, and ask the user before any sensitive action.
