Skill v1.0.1

ClawScan security

Gopay · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 22, 2026, 11:00 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's instructions, requirements, and behavior are coherent with a GoPay integration that uses the Membrane service; nothing in the skill asks for unrelated credentials or opaque system access.
Guidance
This skill appears to be what it says: a GoPay integration that uses the Membrane platform. Before installing or running the CLI: (1) verify the Membrane project and npm package (@membranehq/cli) are the official sources (check https://getmembrane.com and the GitHub repo), (2) prefer installing the CLI in a controlled environment (local dev VM or container) because `npm install -g` runs third-party code, (3) when authenticating, confirm the browser URL/domain is the expected Membrane site and don’t paste unrelated secrets into prompts, and (4) note the SKILL.md asks you to install the CLI but the registry metadata omitted that requirement — treat that as a documentation gap and confirm you’re comfortable with the CLI before proceeding.

Review Dimensions

Purpose & Capability
note: The skill is an instruction-only integration that delegates GoPay access to the Membrane platform, which matches the claimed purpose. Minor documentation mismatch: the registry metadata lists no required binaries, but SKILL.md explicitly instructs installing and using the Membrane CLI (npm `@membranehq/cli` and `npx`). This is a likely omission in the metadata rather than a functional incoherence.
Instruction Scope
ok: SKILL.md stays on-task: it instructs installing the Membrane CLI, logging in, creating a connection, discovering/creating actions, and running them. It does not ask the agent to read unrelated files, request unrelated env vars, or exfiltrate data to unknown endpoints. Authentication flows are browser-based or headless URL/code, as expected for a hosted service.
Install Mechanism
note: There is no platform install spec; the README instructs users to run `npm install -g @membranehq/cli@latest` or use `npx`. Installing an npm package globally (or running `npx`) will execute code from the npm registry and write binaries to disk — a normal choice for a CLI but one with the usual npm risks (supply-chain/malicious package). The skill does not itself perform the install automatically.
Credentials
ok: The skill declares no required environment variables or credentials and explicitly advises not to ask users for API keys, relying on Membrane to manage auth. This is proportionate for a connector that uses a third-party hosted service to manage credentials.
Persistence & Privilege
ok: `always` is false and the skill is user-invocable. It does not request persistent system privileges or configuration changes. Autonomous invocation (`disable-model-invocation=false`) is the platform default and is not, by itself, a red flag here.