Skill v1.0.1

ClawScan security

Hunter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Apr 21, 2026, 3:10 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions, required actions, and tooling are consistent with a Hunter integration that uses the Membrane CLI; it does not request unrelated credentials or access.
Guidance
This skill looks coherent: it relies on the Membrane CLI to talk to Hunter and doesn't ask for unrelated credentials. Before installing, verify the npm package @membranehq/cli and the Membrane project (homepage/repo) to ensure you trust the publisher. Installing a global npm CLI is common but gives that package broad filesystem/exec capability on your machine, so review the package source (GitHub) or use a vetted package mirror if you have concerns. Note that authentication is done via Membrane's interactive flow—do not share unrelated API keys or secrets with the skill.

Review Dimensions

Purpose & Capability
ok: The skill claims to integrate with Hunter and the SKILL.md exclusively instructs use of the Membrane CLI and the hunter connector. The required actions (connect, list actions, run actions) align with that purpose; there are no unrelated credentials or tools requested.
Instruction Scope
ok: Runtime instructions are limited to installing the Membrane CLI, logging in via Membrane, creating/listing connections, discovering actions, and running actions. The document does not instruct reading local secrets, scanning arbitrary files, or sending data to endpoints outside Membrane/Hunter.
Install Mechanism
note: Install is an npm global package (npm install -g @membranehq/cli@latest). This is a standard mechanism for CLIs but carries the usual npm-package risk; the install method is proportionate to the CLI-based workflow described.
Credentials
ok: The skill declares no required environment variables or config paths. Authentication is handled interactively by Membrane (browser-based or headless URL flow), which aligns with the stated design and avoids asking for raw API keys in the skill.
Persistence & Privilege
ok: always is false and the skill does not request system-level persistence or modify other skills. Autonomous invocation is allowed (platform default) and appropriate for an integration skill of this type.