Skill v1.0.3
ClawScan security
Ibanfirst · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 5:06 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions and requirements match its stated purpose (IBanFirst integration via the Membrane CLI); it asks for no unrelated secrets and is instruction-only, though you should verify the Membrane tooling and avoid installing packages with elevated privileges.
- Guidance: This skill is coherent and appears to do what it says: use Membrane's CLI to integrate with IBanFirst. Before installing or following the instructions: (1) verify the @membranehq/cli package and the GitHub repository (ensure they are the official project); (2) avoid running npm install -g with sudo; prefer npx or a non-root install to reduce risk; (3) understand that Membrane will hold your IBanFirst credentials and perform actions on your behalf, so review their privacy/security policies and the permissions requested when you create the connection; (4) consider testing in an isolated environment (or a throwaway account) first. If you need higher assurance, ask the publisher for the official package URL and signed release artifacts before installation.
Review Dimensions
- Purpose & Capability (ok): Name, description, and runtime instructions all describe connecting to IBanFirst via the Membrane platform and CLI; the required capabilities (network + Membrane account) are appropriate for that purpose.
- Instruction Scope (ok): SKILL.md stays on-topic: it instructs installing and using the Membrane CLI, performing login and connection creation, discovering and running actions. It does not direct reading unrelated files, environment variables, or exfiltration to unexpected endpoints.
- Install Mechanism (note): There is no automated install spec in the registry (instruction-only). The docs recommend npm install -g @membranehq/cli@latest (or npx). Installing a global npm package is a normal workflow but has moderate risk if run with sudo; verify the package and prefer npx/local install or non-root installation when possible.
- Credentials (ok): The skill requests no environment variables or local secrets. It relies on a Membrane account and their hosted auth flow to manage IBanFirst credentials, which is proportionate but means you must trust Membrane to hold and use those credentials.
- Persistence & Privilege (ok): Skill is instruction-only, always:false, and does not request permanent agent-level privileges. Default autonomous invocation is allowed by platform policy but the skill itself does not request elevated persistence or modify other skills.
