Skill v1.0.3

ClawScan security

Hive · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 1:07 PM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill is internally consistent: it implements a Hive integration by delegating work to the Membrane CLI/service and its instructions and requirements match that purpose, but installing a global npm CLI and delegating auth to a third party carry normal supply‑chain and privacy tradeoffs you should consider.
Guidance
This skill appears to do what it says (Hive via Membrane). Before installing/using it:
1) Review the @membranehq/cli package source (or verify its publisher) before a global npm install; global npm packages run code on your machine.
2) Prefer pinning a specific CLI version rather than `@latest` to reduce supply-chain risk.
3) Understand that authentication/credentials are delegated to Membrane (a third party) and that Membrane will handle access to your Hive data; review their privacy/security documentation and permissions.
4) If you need tighter control, consider creating a dedicated Membrane account/tenant with limited scope or running the CLI in an isolated environment.
5) If you want higher assurance, ask for a signed release URL or repository commit/tag to verify the CLI binary/source.

Review Dimensions

Purpose & Capability
ok · Name/description (Hive integration) align with the instructions: the skill tells the agent to use the Membrane CLI to connect to Hive, discover and run actions. No unrelated env vars, binaries, or resources are requested.
Instruction Scope
note · SKILL.md instructs installing and using the @membranehq/cli, running login/connect/list/run commands, and creating actions. All of these stay within the stated Hive integration purpose. It delegates authentication and credential management to Membrane (third party), so the agent/user will be sending Hive access through Membrane rather than directly storing local API keys.
Install Mechanism
note · There is no registry install spec, but the README instructs running `npm install -g @membranehq/cli@latest`. Using a global npm package is a reasonable way to provide a CLI but carries supply-chain and privilege implications (global install, running remote code). The instruction uses the `@latest` tag rather than a pinned version.
Credentials
ok · The skill declares no required env vars or local config paths. It does require network access and a Membrane account, which are proportionate to integrating with Hive via a hosted connector. The delegation of credentials to Membrane is expected given the design.
Persistence & Privilege
ok · The skill is instruction-only, has no install spec in the registry, and does not request always:true. It does allow normal autonomous invocation (platform default), which is not by itself a concern here.