Grist
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill matches a Grist integration, but it gives an agent broad Membrane/Grist authority that can modify or delete records, documents, and workspaces without clear scope or confirmation guidance.
Install only if you trust Membrane and are comfortable granting it access to your Grist account. Use a limited-permission Grist account where possible, confirm all destructive or administrative actions before execution, and avoid using the skill on sensitive workspaces unless the access scope is clear.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent selects the wrong action or acts on an ambiguous request, it could change or delete Grist records, documents, or workspaces.
The primary workflow is generic action execution through Membrane, and the documented action set includes destructive and mutating Grist operations. The artifacts do not add approval, scope, or rollback requirements for these high-impact actions.
Use action names and parameters as needed. ... membrane action run <actionId> --connectionId=CONNECTION_ID --input '{"key": "value"}' --json ... Delete Records ... Update Records ... Delete Document ... Delete Workspace
Use only with explicit user approval for create, update, delete, role, user, document, and workspace changes; prefer least-privilege Grist accounts and confirm target IDs before running actions.
A connected account may retain broad access to Grist data and administrative functions beyond a single task.
The skill uses delegated Membrane/Grist authentication with automatic credential refresh for account-management capabilities, but does not specify permission scopes, role limits, or revocation guidance.
Manage Workspaces, Users, Roles. ... membrane login --tenant --clientName=<agentType> ... Membrane handles authentication and credentials refresh automatically
Authenticate with the least-privileged account possible, review the granted Membrane/Grist connection, and revoke or rotate access when no longer needed.
The installed CLI version can change over time and will run locally with the user's privileges.
The Membrane CLI is central to the skill's purpose, but the instruction installs a global package using the moving @latest tag rather than a pinned version.
npm install -g @membranehq/cli@latest
Verify the package source and consider installing a pinned, reviewed version of the Membrane CLI.
Grist requests, responses, and connection metadata may pass through Membrane as part of normal operation.
The skill intentionally routes Grist integration activity through Membrane, including authentication handling. This is purpose-aligned, but users should understand that a third-party integration layer is involved.
This skill uses the Membrane CLI to interact with Grist. Membrane handles authentication and credentials refresh automatically
Review Membrane's trust, privacy, and access model before connecting sensitive Grist workspaces.
