Skill v1.0.3
ClawScan security
Fireberry · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 12:02 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, required commands, and lack of extra credentials align with its stated purpose of integrating Fireberry via the Membrane CLI.
- Guidance: This skill appears internally coherent: it uses the Membrane CLI to access Fireberry and does not request unrelated secrets. Before installing or running it, confirm you trust the @membranehq/cli package on npm (review the package repo and recent releases), prefer non-global installs (npx or local install) if you want to avoid system-wide changes, and use a least-privilege/test Membrane/Fireberry account for initial testing. Expect the login flow to open a browser or produce a URL/code — do not paste unrelated credentials into prompts. If you require higher assurance, inspect the Membrane CLI source or run it in an isolated environment first.
Review Dimensions
- Purpose & Capability: ok. The skill describes a Fireberry CRM integration and all runtime instructions show how to use the Membrane CLI to connect, discover, and run Fireberry actions — this matches the stated purpose and does not request unrelated capabilities.
- Instruction Scope: ok. SKILL.md only instructs the agent to install and use the Membrane CLI, authenticate via the provided flow, create/list connections, discover and run actions; it does not ask the agent to read local secrets, system files, or exfiltrate data to unexpected endpoints. It does require network access and interactive/browser-based auth, which is explicitly documented.
- Install Mechanism: note. The SKILL.md recommends installing @membranehq/cli via npm (global install). Installing a third-party CLI from npm is a standard approach but has moderate risk because npm packages can execute install-time scripts; the skill itself contains no install spec or downloaded code beyond this recommendation.
- Credentials: ok. No environment variables, credentials, or config paths are declared or required by the skill. Authentication is delegated to Membrane's interactive/login flow (via browser/URL). There are no unexplained requests for unrelated secrets.
- Persistence & Privilege: ok. The skill is instruction-only, has no install manifest that writes persistent files, and does not request always:true or cross-skill configuration changes. Autonomous invocation is allowed (platform default) but not combined with other red flags.
