Skill v1.0.1
ClawScan security
Harperdb · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 11:07 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and install steps are consistent with a HarperDB integration that delegates auth and API handling to the Membrane CLI; nothing requested is disproportionate to that purpose.
- Guidance: This skill appears coherent and uses the Membrane CLI to manage HarperDB connections. Before installing, verify you trust the Membrane project and the @membranehq/cli npm package: check the package page, author/org, recent release history, and ideally inspect the source code on the referenced repository. Install the CLI in a controlled environment (or use npx for one-off runs) and avoid pasting proprietary credentials into untrusted prompts. If you plan to grant the agent ongoing access, confirm what permissions the Membrane connection will have in HarperDB and limit them to the minimum necessary.
Review Dimensions
- Purpose & Capability (ok): The name/description (HarperDB integration) matches the instructions (use Membrane CLI to connect, discover, build, and run HarperDB actions). No unrelated credentials, binaries, or paths are requested.
- Instruction Scope (ok): SKILL.md confines runtime behavior to installing/using the Membrane CLI, logging in, creating connections, listing and running actions. It does not instruct reading arbitrary files, accessing unrelated env vars, or exfiltrating data to unexpected endpoints. It explicitly instructs not to ask users for API keys.
- Install Mechanism (note): Install is via npm (npm install -g @membranehq/cli or npx). This is a typical package-manager install (moderate risk compared to instruction-only). Users should verify the npm package and publisher before installing, but the mechanism is coherent with the stated need for a CLI.
- Credentials (ok): No required env vars, primary credential, or config paths are declared. The SKILL.md relies on Membrane to manage credentials server-side, which is proportionate to the integration.
- Persistence & Privilege (ok): The skill is not forced always-on; it's user-invocable and allows normal autonomous invocation (platform default). It does not request system-wide config changes or access to other skills' credentials.
