Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Geocodio

v1.0.2

Geocodio integration. Manage Deals, Persons, Organizations, Leads, Projects, Pipelines and more. Use when the user wants to interact with Geocodio data.

by Vlad Ursul (@gora050)

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign

OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md describes a Geocodio geocoding integration and how to use the Membrane CLI to call Geocodio. However the skill's short description/metadata (provided above) mentions 'Manage Deals, Persons, Organizations, Leads, Projects, Pipelines' — CRM concepts unrelated to geocoding. This mismatch suggests a copy/paste or metadata error and reduces confidence that the registry metadata accurately reflects the skill's purpose.
Instruction Scope
The instructions are focused on using the Membrane CLI (install, login, connect, action list/run, and proxy requests). They do not ask the agent to read local files or other unrelated environment variables. However, the 'membrane request CONNECTION_ID /path' capability lets the operator proxy arbitrary API calls through Membrane using the connection's credentials — this is powerful and means a compromised connection or CLI could be used to call arbitrary endpoints using the user's Geocodio credentials.
Install Mechanism
There is no automatic installer in the skill bundle, but SKILL.md instructs users to run 'npm install -g @membranehq/cli' to get the Membrane CLI. Installing a global npm package is a normal approach but has moderate risk: verify the package name, publisher, and source (npmjs/org and GitHub repo) before installing. The skill does not embed or download arbitrary binaries itself.
Credentials
The skill declares no required environment variables and relies on Membrane to manage credentials and token refresh. That is proportionate for a connector-style integration. The SKILL.md explicitly warns not to ask the user for API keys, which is consistent with delegating auth to Membrane.
Persistence & Privilege
The skill is not always-enabled and requests no system-level config access. Model invocation is allowed (default) but that is platform-normal and not compounded by other red flags here.
What to consider before installing
This skill mostly looks like a Geocodio connector implemented through the Membrane CLI, but before installing or using it you should:
1) Verify the skill's provenance — the registry metadata and SKILL.md disagree (CRM vs geocoding), so check the publisher, GitHub repo (SKILL.md lists membranedev/application-skills) and the @membranehq/cli package on npm to ensure they are legitimate.
2) Understand that installing '@membranehq/cli' globally gives you a new CLI that will manage your Geocodio credentials server-side — ensure you trust Membrane and their account flow, because a connection grants Membrane the ability to call APIs on your behalf.
3) Be aware that 'membrane request' can proxy arbitrary endpoints using the connection; only create connections for services you trust and review what endpoints the skill or agent will call.
4) If you need higher assurance, ask the skill author for the exact repository commit or a signed publisher identity, or run the Membrane CLI in an isolated environment/container rather than installing globally.
5) If you don't want to install a global npm package or delegate credentials to a third party, do not proceed.

Like a lobster shell, security has layers — review code before you run it.

latest: vk974e5dkd4k2fpt5bfphm8jq2h842kae
