v1.0.2

Florm

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 8:34 AM.

Analysis

This appears to be a legitimate Florm/Membrane integration, but it deserves review because it enables authenticated raw API requests and deletion/mutation of Florm data without clear guardrails.

Guidance: Review this skill before installing. It is coherent for managing Florm through Membrane, but only connect accounts you are comfortable letting the agent use, confirm destructive or mutating requests explicitly, and prefer narrowly scoped Membrane actions instead of raw API proxy calls whenever possible.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
When the available actions don't cover your use case, you can send requests directly to the Florm API through Membrane's proxy... `membrane request CONNECTION_ID /path/to/endpoint` ... HTTP method (GET, POST, PUT, PATCH, DELETE).

This documents a raw authenticated API escape hatch with mutating and deleting HTTP methods, but the skill does not define endpoint limits or confirmation requirements for high-impact actions.

User impact: A mistaken or overly broad request could lead the agent to change or delete Florm data through the authenticated connection.
Recommendation: Require explicit user approval before any POST, PUT, PATCH, DELETE, or delete action, and prefer prebuilt Membrane actions with narrow inputs over raw proxy requests.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
SKILL.md
Install the Membrane CLI so you can run `membrane` from the terminal:

```bash
npm install -g @membranehq/cli
```

The skill relies on a globally installed external npm package that is not represented by an install spec or reviewed code files in the artifact set, though it is aligned with the stated Membrane integration.

User impact: The user must trust the Membrane CLI package and its update/provenance chain before using the skill.
Recommendation: Install the CLI only from the official package source, verify the package name and publisher, and keep it updated through trusted channels.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
Membrane handles authentication and credentials refresh automatically... injects the correct authentication headers — including transparent credential refresh if they expire.

The skill uses delegated Membrane/Florm account authority and automatic credential refresh, but the artifacts do not clearly bound which Florm permissions or API operations the agent may use.

User impact: Installing and using this skill may let the agent act with the connected Florm account's authority, including actions beyond simple reading if the account permits them.
Recommendation: Use a least-privilege Florm/Membrane connection where possible, and verify the exact operation, target object, and connection ID before allowing account-mutating actions.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
SKILL.md
you can send requests directly to the Florm API through Membrane's proxy. Membrane automatically appends the base URL to the path you provide and injects the correct authentication headers

Florm API traffic and potentially form data are routed through Membrane's proxy/gateway, which is disclosed and purpose-aligned but is still a third-party data and credential-handling boundary.

User impact: Florm data requested through the skill may pass through Membrane infrastructure as part of the integration.
Recommendation: Avoid requesting unnecessary sensitive form responses, and ensure the user is comfortable with Membrane mediating access to the connected Florm account.