Skill v1.0.3

ClawScan security

Employment Hero · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 22, 2026, 1:25 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions, requirements, and scope align with an Employment Hero integration that uses the Membrane CLI; nothing requested is out of proportion with that purpose.
Guidance
This skill appears coherent: it uses the Membrane CLI to mediate access to Employment Hero. Before installing or using it, verify you trust the Membrane package (review the npm package and repository), prefer installing a pinned version rather than latest if you need stability, and be aware you'll authenticate via Membrane (so ensure you trust Membrane to handle Employment Hero credentials). No extra environment variables or surprising system access are requested.

Review Dimensions

Purpose & Capability
ok: Name/description match the instructions: the SKILL.md explains using the Membrane CLI to connect to Employment Hero, discover and run actions, and manage HR data. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
ok: Runtime instructions are limited to installing/using the Membrane CLI, performing login/connection steps, listing/creating/running Membrane actions, and polling for action state. The doc does not instruct reading local files or unrelated environment variables or exfiltrating data to unexpected endpoints.
Install Mechanism
note: This is an instruction-only skill (no install spec), but it tells users to install @membranehq/cli via 'npm install -g'. Installing global npm packages executes third-party code on the host; this is expected for a CLI-based integration but worth reviewing (pin versions, verify package source and reputation).
Credentials
ok: The skill declares no required env vars or credentials. It does require a Membrane account and interactive login to obtain connection(s) to Employment Hero, which is proportionate to the described functionality.
Persistence & Privilege
ok: 'always' is false and the skill is user-invocable; it does not request permanent system presence or system-wide configuration changes. Autonomous invocation is allowed by default but not excessive here.