Skill v1.0.1

ClawScan security

Ganai · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 22, 2026, 11:03 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions, required actions, and lack of requested secrets are coherent with a Membrane-based Gan.AI integration; nothing requested appears disproportionate to its stated purpose.
Guidance
This skill appears internally consistent, but you should: (1) verify the @membranehq/cli npm package and the getmembrane.com / GitHub repository before installing; (2) prefer running commands via npx or pin a specific CLI version instead of npm install -g to reduce supply-chain risk; (3) be ready to complete an interactive browser login (or copy a code) — Membrane will manage credentials server-side so you won't need to hand over Gan.AI API keys; and (4) if you need stronger isolation, run the CLI in a disposable environment (container or VM) rather than installing globally.

Review Dimensions

Purpose & Capability
ok · The skill says it integrates with Gan.AI via the Membrane platform and the SKILL.md exclusively instructs using the Membrane CLI to create connections, discover and run actions — this is consistent with the stated purpose.
Instruction Scope
ok · Runtime instructions are limited to installing/using the Membrane CLI, performing Membrane login (browser or URL-based code flow), creating connections, listing and running actions. The instructions do not ask the agent to read unrelated files, access unrelated env vars, or exfiltrate data to unexpected endpoints.
Install Mechanism
note · The SKILL.md recommends installing @membranehq/cli via npm -g (or using npx). npm package installs are a common method but carry supply-chain risk compared with no-install instruction-only skills; using npx or pinning a known-good version reduces exposure. There is no opaque download URL or extract step.
Credentials
ok · The skill declares no required env vars or credentials and instructs relying on Membrane's managed auth flow rather than collecting API keys locally — this is proportionate to the integration purpose.
Persistence & Privilege
ok · always is false, and there are no code files or automatic install steps baked into the skill itself. The only persisted artifacts would be the Membrane CLI installation and its stored credentials on the host, both created explicitly by the user when following the instructions.