Front

Pass

Audited by ClawScan on May 10, 2026.

Overview

This is a coherent Front integration, but it relies on Membrane authentication/CLI and can read or change Front business data, so users should review permissions and commands before use.

Install this only if you trust Membrane and intend to connect your Front workspace. Verify the CLI package source, use the least-privileged account practical, and explicitly review any update or delete action before allowing the agent to run it.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent using this skill could update conversations or delete contacts in the connected Front workspace when instructed to run those actions.

Why it was flagged

The skill documents state-changing and destructive Front actions. These fit the advertised purpose, but they affect business/customer data if run.

Skill content
| Update Conversation | update-conversation | Update a conversation's properties ... |
| ... |
| Delete Contact | delete-contact | Delete a contact from Front |

Recommendation

Confirm the exact Front action and parameters before write or delete operations, and prefer least-privileged Front access where possible.

What this means

Connecting the skill gives Membrane-mediated access to the selected Front account until the connection is revoked or expires.

Why it was flagged

The integration uses delegated authentication with ongoing credential refresh. That is expected for Front access, but it grants continuing account authority.

Skill content
Membrane handles authentication and credentials refresh automatically
Recommendation

Authenticate only to the intended Front workspace, review the requested permissions during OAuth, and revoke the connection when no longer needed.

What this means

Installing the CLI runs third-party package code on the local system as part of setup.

Why it was flagged

The setup relies on a globally installed, unpinned npm package. This is disclosed and purpose-aligned, but users should trust and verify the package source.

Skill content
npm install -g @membranehq/cli@latest
Recommendation

Install from the official npm package, consider pinning a reviewed version, and avoid running the setup in sensitive environments without verification.

Note (Medium Confidence)
ASI01: Agent Goal Hijack
What this means

If provider-returned setup instructions are treated too broadly, the agent could follow directions that were not explicitly given by the user.

Why it was flagged

The skill may receive provider-supplied instructions for the agent during connection setup. This appears intended for setup, but such instructions should not override the user's goal.

Skill content
`clientAction.agentInstructions` (optional) — instructions for the AI agent on how to proceed programmatically.
Recommendation

Treat returned agent instructions as limited setup hints and keep user confirmation for sensitive actions.

What this means

Front commands and returned Front data may be handled through the Membrane integration flow.

Why it was flagged

Front access is mediated through Membrane rather than only direct local calls. This is disclosed and purpose-aligned, but it introduces a third-party service boundary.

Skill content
This skill uses the Membrane CLI to interact with Front. Membrane handles authentication and credentials refresh automatically
Recommendation

Review Membrane's access model and privacy terms before connecting sensitive Front workspaces.