Skill v1.0.2
ClawScan security
Grafbase · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 2, 2026, 8:58 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it is an instruction-only Grafbase integration that relies on the Membrane CLI and does not request unrelated credentials or privileged persistence.
- Guidance: This skill is an instruction-only guide for using the Membrane CLI to access Grafbase and appears coherent. Before using it: (1) verify the @membranehq/cli package on npm and the Membrane project/repository (ensure you trust the publisher) before installing any global npm package; (2) be aware that 'membrane login' opens a browser and creates remote connections — you will be granting Membrane access to manage auth for Grafbase; (3) review the Membrane privacy/security docs to understand what data is proxied/stored server-side; (4) prefer installing CLIs locally (not globally) or inspect the package contents if you have supply-chain concerns. No additional credentials or elevated agent permissions are requested by the skill itself.
Review Dimensions
- Purpose & Capability (ok): Name/description match the instructions: the skill documents how to interact with Grafbase via the Membrane CLI. No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope (note): SKILL.md tells the agent/operator to install and use the @membranehq/cli, run login, create connections, list actions, run actions, and proxy requests. These steps are appropriate for a Membrane-based Grafbase integration. The instructions do open a browser for auth (expected). They explicitly advise not to collect API keys locally.
- Install Mechanism (note): The registry contains no automated install spec (instruction-only). The README instructs users to install a global npm package (npm install -g @membranehq/cli). Asking users to install a CLI from npm is reasonable for this use case but carries the normal supply-chain risk of third-party npm packages — verify package provenance before installing globally.
- Credentials (ok): No environment variables, credentials, or config paths are required by the skill. The SKILL.md explicitly defers credential handling to Membrane and recommends creating a connection rather than asking for keys — this is proportionate to the stated purpose.
- Persistence & Privilege (ok): always is false and there is no install that writes persistent agent-level config. The skill does not request system-wide privileges or modify other skills' configurations.
