Flutterwave

Warn

Audited by ClawScan on May 10, 2026.

Overview

This is a coherent Flutterwave payment integration, but it can access credentials and perform high-impact payment or transfer actions without clear visible approval and scoping safeguards.

Before installing, confirm you trust Membrane and the CLI package, use least-privilege Flutterwave access, and require explicit human approval for any transfer, refund, beneficiary creation, payment-plan creation, or other financial mutation.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent using this skill could potentially create beneficiaries, initiate transfers, or change payment-related records if the connected Flutterwave account permits it.

Why it was flagged

The documented actions include mutating payment and transfer workflows that can affect real funds. In the provided artifact, these high-impact actions are not paired with visible requirements for explicit user confirmation, recipient/amount validation, or rollback boundaries.

Skill content

"Manage Customers, Payments, Transfers, Invoices" ... "Create Beneficiary" ... "Create Transfer"

Recommendation

Require explicit user confirmation before any transfer, refund, payment-plan creation, beneficiary creation, or other financial mutation; confirm amount, currency, recipient, and account; and prefer least-privilege Flutterwave access.

What this means

Connecting the account may allow actions against real customer, payment, transaction, and transfer data through the user's Flutterwave permissions.

Why it was flagged

The skill delegates Membrane and Flutterwave authentication and token refresh. This is expected for a payment integration, but it grants sensitive account authority.

Skill content

"Membrane handles authentication and credentials refresh automatically" and "membrane login --tenant --clientName=<agentType>"

Recommendation

Use a dedicated, least-privileged account or API role where possible, review Flutterwave/Membrane scopes, and revoke the connection when the integration is no longer needed.

What this means

The actual connector and CLI behavior may be updated outside this skill review, including changes introduced by the latest npm package or Membrane-generated connector.

Why it was flagged

The integration depends on an external globally installed CLI and potentially remote/generated connector behavior that is not included in the skill artifact. This is disclosed and central to the skill, but it is still a provenance point users should notice.

Skill content

"npm install -g @membranehq/cli@latest" ... "If no app is found, one is created and a connector is built automatically."

Recommendation

Install the CLI only from the expected publisher, consider pinning a reviewed version, and review Membrane connector behavior before enabling high-impact financial actions.

What this means

Remote setup instructions could influence agent behavior if treated as authoritative beyond the connection task.

Why it was flagged

The skill tells the agent it may receive remote instructions from the connection workflow. This appears intended for setup, but such instructions should not override the user's original goal or safety checks.

Skill content

"clientAction.agentInstructions" (optional) — instructions for the AI agent on how to proceed programmatically.

Recommendation

Treat remote agentInstructions as narrow setup hints only, and keep user intent, permissions, and confirmation requirements authoritative.

What this means

Sensitive payment-business data may be processed by both Flutterwave and Membrane during use.

Why it was flagged

Membrane acts as an external gateway for Flutterwave authentication and actions, so customer, transaction, payment, and credential-related data may pass through that service. This is disclosed and purpose-aligned, but the provided artifact does not detail data retention or boundary controls.

Skill content

"This skill uses the Membrane CLI to interact with Flutterwave. Membrane handles authentication and credentials refresh automatically"

Recommendation

Review Membrane's security, privacy, and retention terms before connecting production payment accounts, and avoid sending unnecessary customer or transaction data.