Fibery
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a purpose-aligned Fibery/Membrane workspace integration, but users should be careful with account permissions and workspace data changes.
Before installing, confirm you trust the Membrane/Fibery connection, grant the least workspace access needed, and require confirmation for destructive or bulk changes. The provided SKILL.md excerpt is truncated, so review the full instructions if available.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may be able to make changes in Fibery if connected with sufficient permissions.
The skill is intended to manage Fibery workspace data, which can include creating or changing business records. This is purpose-aligned, but broad enough that users should keep approval boundaries clear.
Fibery integration. Manage Workspaces. Use when the user wants to interact with Fibery data.
Use least-privilege Fibery/Membrane access and ask the agent to confirm before creating, updating, deleting, or bulk-changing workspace data.
Connecting a high-privilege account could allow broad access or changes in the connected workspace.
The skill relies on an external account, so actions may inherit that account's Fibery/Membrane permissions. This is expected for the integration and no credential misuse is shown.
compatibility: Requires network access and a valid Membrane account (Free tier supported).
Connect only trusted accounts and prefer a limited-scope account or token if Fibery/Membrane supports it.
Private workspace records, documents, comments, or attachments may be read or summarized by the agent when you ask it to work with Fibery.
The skill is framed around interacting with Fibery data types that may contain sensitive workspace content or account-related records, which could be surfaced into the agent context during normal use.
- **Document** - **Comment** - **Attachment** - **User** - **API Key** - **OAuth Client**
Avoid requesting unnecessary sensitive records, and verify outputs before sharing them outside the workspace.