Skill v1.0.3
ClawScan security
Frontegg · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 9:31 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions and requirements are coherent with its stated purpose: it delegates Frontegg access to the Membrane CLI and does not request unrelated credentials or system access, but it does require installing and trusting an external CLI/service.
- Guidance: This skill is coherent: it expects you to use the Membrane CLI to connect to Frontegg rather than asking for raw API keys. Before installing or using it, verify that you trust the Membrane project and the npm package @membranehq/cli (review its npm page and source), because `npm install -g` runs third-party code and will install a persistent CLI on your machine. Be aware that you will authenticate via a browser (the CLI stores auth state locally and Membrane will hold connector credentials server-side), so only proceed if you are comfortable delegating credential management to Membrane. If you prefer less host impact, run the CLI in a disposable environment or inspect the package source before installing.
Review Dimensions
- Purpose & Capability (ok): The skill claims to integrate with Frontegg and its runtime instructions show using the Membrane CLI and a Frontegg connector — this matches the stated purpose. The SKILL.md's references (Membrane CLI, connect, action list/run) are appropriate for a connector-style skill.
- Instruction Scope (note): All runtime instructions stay within the connector workflow (install CLI, login, create connection, list and run actions). The skill does not instruct reading unrelated files or environment variables. Note: it tells the user/agent to run global npm installs and to perform interactive/browser authentication, which affects the host environment and persists CLI credentials.
- Install Mechanism (note): There is no formal install spec in the skill bundle, but the SKILL.md asks the user/agent to run `npm install -g @membranehq/cli@latest` (or npx). This pulls code from the public npm registry — a common pattern but one that executes third-party code on the host. That is moderate risk; evaluate it by deciding whether you trust the @membranehq package and the registry.
- Credentials (ok): The skill does not request environment variables or unrelated credentials; it expects a Membrane account and uses Membrane to handle Frontegg credentials server-side. This is proportionate, but it centralizes credential custody with the Membrane service (trust implication).
- Persistence & Privilege (ok): The skill is not always-enabled and does not request elevated platform privileges. The only persistence impact is the Membrane CLI installation and its local auth state after login — normal for CLI-based integrations. The skill does not modify other skills or system-wide agent settings in the instructions.
