Skill v1.0.2
ClawScan security
Filescom · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 2, 2026, 9:03 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only wrapper that tells the agent to use the Membrane CLI to talk to Files.com; its requested actions and requirements are consistent with that purpose (no unexplained credentials or hidden installs), though it does instruct the user to install a global npm CLI which you should verify before running.
- Guidance
- This skill appears internally consistent: it simply documents how to use the Membrane CLI to work with Files.com. Before installing/using it, verify the @membranehq/cli package is legitimate (npm package page, GitHub repo, vendor site), consider using a scoped or local install (or npx) instead of `-g` if you prefer not to add global binaries, and review what permissions the connector will grant to avoid giving broad access to production data. Because this is instruction-only, there is no code in the skill to audit—if you need stronger assurance, review the Membrane CLI source and the Files.com connector implementation, and test with a limited-access account or sandbox before running destructive actions (e.g., delete-user, delete-file).
Review Dimensions
- Purpose & Capability (ok): The name/description (Files.com integration) match the instructions: the SKILL.md documents using the Membrane CLI to connect to Files.com, list/run actions, and proxy API requests. Nothing requested (no env vars, no config paths) is inconsistent with a connector that delegates auth to Membrane.
- Instruction Scope (ok): The instructions stay on-topic: install the Membrane CLI, perform membrane login/connect, list/run actions, and optionally proxy requests. The doc does not direct reading unrelated files or environment variables. It does instruct a global npm install and browser-based login flows, which are expected for this kind of CLI integration.
- Install Mechanism (note): This skill is instruction-only (no registry install spec), but tells users to run `npm install -g @membranehq/cli`. Installing a public npm CLI globally is a reasonable choice for a CLI-based integration but carries the normal moderate risk of installing third-party code; verify the package/author (npm page, GitHub repo, checksums) before installing. The skill itself does not embed or download code.
- Credentials (ok): No environment variables or credentials are declared. Authentication is delegated to Membrane's login flow (browser or headless code completion). That is proportional, but note: successful login grants the CLI (and thus any agent actions that use it) access to your Files.com account resources, which is consistent with the skill's purpose.
- Persistence & Privilege (ok): The skill is not always-enabled and is user-invocable only. It does not request persistent system-wide changes or other skills' configs. Autonomous invocation is allowed (default); combined with Membrane-authenticated access this means the agent could perform actions on Files.com when invoked, which is expected for an integration.
