Skill v1.0.1

ClawScan security

Harmonic · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 5:07 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's instructions and requirements are internally consistent with a Membrane-based Harmonic integration — it asks you to install and use the Membrane CLI and does not request unrelated credentials or suspicious behaviors.
Guidance
This skill is an instruction-only integration that uses the official Membrane CLI to talk to Harmonic; it does not ask for unrelated secrets and is coherent with its stated purpose. Before installing: (1) verify you trust the @membranehq npm package and the getmembrane.com project; (2) be aware 'npm install -g' installs system-wide and may require admin rights; (3) confirm where the Membrane CLI stores credentials (local cache vs. server-side) and whether you’re comfortable giving Membrane access to your Harmonic account; (4) note the skill metadata did not declare the Membrane CLI as a required binary — ensure the CLI is available in any environment where you expect the skill to run. If you need stricter change control, request a pinned CLI version instead of '@latest' and audit the @membranehq/cli package contents before installation.

Review Dimensions

Purpose & Capability
note · The SKILL.md consistently describes a Harmonic integration that uses the Membrane CLI to list, create, and run connector actions. That capability matches the skill's name/description. Minor inconsistency: the registry metadata lists no required binaries, but the runtime instructions require the @membranehq/cli to be installed and network access; the skill should have declared the CLI as a required binary.
Instruction Scope
ok · Instructions are limited to installing the Membrane CLI, authenticating (via browser/code flow), creating connections, searching for actions, and running them. The instructions do not tell the agent to read arbitrary local files, harvest environment variables, or exfiltrate data to unknown endpoints. They explicitly advise against asking users for API keys and to let Membrane handle auth.
Install Mechanism
note · Install is a single npm global install (@membranehq/cli@latest), which is a common distribution mechanism and avoids arbitrary downloads. This is moderate-risk compared to offline install methods: npm packages are traceable but run code during install; global (-g) installs can require elevated privileges. The instruction uses 'latest' rather than a pinned version.
Credentials
ok · The skill declares no required environment variables and the instructions explicitly avoid asking for API keys. This is proportionate. Caveat: the Membrane CLI will manage authentication and likely persists tokens/connections (locally or server-side), so users should understand where credentials are stored by the CLI.
Persistence & Privilege
note · The skill does not request 'always' presence and is user-invocable. This is appropriate. Note that the Membrane CLI (when used) will create persistent connections and manage auth state; also an agent with CLI access could run actions autonomously if the platform allows command execution — autonomous invocation is normal but combined with a CLI that holds credentials increases what an agent can do.