Espocrm

Audited by ClawScan on May 10, 2026.

Overview

This is a coherent EspoCRM integration, but it grants broad third-party CRM write access through Membrane without visible confirmation or scoping safeguards.

Review this skill before installing. It appears to do what it claims—connect to EspoCRM through Membrane—but you should use a least-privileged CRM account, confirm before any create/update actions, and be comfortable with installing the Membrane CLI and routing CRM access through Membrane.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent using this skill could create or change CRM records if prompted or if it selects a write-capable action, which may affect business data.

Why it was flagged

The skill uses dynamic action discovery against a CRM connection and includes write actions for business records, but the provided visible instructions do not define allowed actions, require confirmation, or describe rollback for mutations.

Skill content

`membrane action list --connectionId=CONNECTION_ID --intent "QUERY" --limit 10 --json` ... popular actions include `Create Lead` and `Update Lead`.

Recommendation

Only install if you are comfortable granting CRM write access through Membrane; require explicit user approval before create/update actions and use the least-privileged EspoCRM account available.

What this means

Membrane and the configured connection may be able to access EspoCRM data according to the permissions granted during login.

Why it was flagged

The integration depends on delegated authentication and refreshed credentials. This is expected for an EspoCRM connector, but it is sensitive account authority.

Skill content

Membrane handles authentication and credentials refresh automatically ... `membrane login --tenant --clientName=<agentType>`

Recommendation

Authenticate only with the intended tenant/account, review the permissions granted, and revoke the connection if you stop using the skill.

What this means

The behavior of the installed CLI can change over time as the npm package updates.

Why it was flagged

The documented setup installs a globally available CLI from npm using the moving `latest` version. This is purpose-aligned, but unpinned global installs carry supply-chain and update risk.

Skill content

`npm install -g @membranehq/cli@latest`

Recommendation

Install from the official npm package, consider pinning a reviewed version, and keep the CLI updated through a trusted process.

What this means

External setup instructions could influence how the agent proceeds during authentication or configuration.

Why it was flagged

The skill allows provider-returned instructions to guide the agent during connection setup. This can be useful, but those instructions should not override the user's goal or safety checks.

Skill content

`clientAction.agentInstructions` (optional) — instructions for the AI agent on how to proceed programmatically.

Recommendation

Treat provider-supplied instructions as limited to the current connection workflow, and do not follow any instruction that asks for unrelated actions or secret disclosure.

What this means

CRM queries, results, and connection metadata may be processed through Membrane rather than only locally in the agent.

Why it was flagged

CRM interactions are routed through the Membrane integration layer. This is disclosed and purpose-aligned, but it is an external provider boundary for customer and CRM data.

Skill content

This skill uses the Membrane CLI to interact with EspoCRM. Membrane handles authentication and credentials refresh automatically.

Recommendation

Review Membrane's privacy/security terms and ensure the CRM data you access through this skill is appropriate for that provider.