Skill v1.0.3
ClawScan security
Finerio Connect · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 1:31 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and behavior are coherent with a Finerio Connect integration that delegates auth and API access to the Membrane CLI — nothing requested is disproportionate to that purpose.
- Guidance: This skill appears to do what it claims: it uses the Membrane CLI to connect to Finerio Connect and run pre-built actions. Before installing/using it: (1) verify you trust @membranehq/cli on npm (review the package and its maintainer), (2) avoid installing global npm packages on sensitive systems unless you vet them (use npx or isolated environments), and (3) confirm the browser-based auth flow and any locally stored tokens meet your security policies.
Review Dimensions
- Purpose & Capability (ok): Name/description match the instructions: the SKILL.md tells the agent to use the Membrane CLI to interact with Finerio Connect. No unrelated permissions or credentials are requested in the registry metadata.
- Instruction Scope (ok): Instructions are limited to installing/using the Membrane CLI, performing login (interactive or headless browser flow), creating connections, discovering and running actions. They do not direct the agent to read arbitrary system files, harvest unrelated credentials, or transmit data to unexpected endpoints.
- Install Mechanism (note): There is no registry install spec (skill is instruction-only). The SKILL.md tells users to install @membranehq/cli from npm (public registry) or run via npx. This is expected for a CLI integration, but installing npm packages runs third-party code, so users should verify the package/source before installing globally.
- Credentials (ok): The skill declares no required env vars or credentials. The SKILL.md relies on Membrane's delegated auth/browser flow rather than asking for API keys, which is proportionate for the stated purpose.
- Persistence & Privilege (ok): The skill is not always-enabled, does not request elevated platform persistence, and is instruction-only (no code writing or config mutation specified). Autonomous invocation is allowed by default but not combined with other red flags.
