Skill v1.0.1
ClawScan security
Jotform · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 9:20 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions align with its stated purpose: it uses the Membrane CLI to connect the agent to Jotform and does not request unrelated credentials or install arbitrary remote code.
- Guidance: This skill behaves as a thin wrapper around the Membrane CLI to access Jotform. Before installing:
  1) Confirm you trust Membrane (getmembrane.com) because authentication tokens will be handled/stored by their CLI/service.
  2) Install the CLI without root when possible (avoid running npm -g as root).
  3) Review what permissions the connection requests in the browser and grant least privilege.
  4) If you later want to revoke access, remove the Membrane connection or revoke tokens in your Jotform/Membrane account.
  5) If you need tighter control, prefer a skill that uses direct Jotform API credentials you manage rather than a third-party proxy service.
Review Dimensions
- Purpose & Capability: ok. The name/description (Jotform integration) matches the instructions: all runtime steps use the Membrane CLI to authenticate and call Jotform-related actions. There are no unrelated env vars, binaries, or config paths required.
- Instruction Scope: note. SKILL.md directs installation of the Membrane CLI and running membrane login/connect/action commands. This is within scope for a connector skill, but it does mean the user must authenticate via Membrane and the service will handle and store access tokens on the user's behalf. The instructions do not ask the agent to read unrelated files or exfiltrate data.
- Install Mechanism: note. This is an instruction-only skill (no install spec), but it tells the user to run npm install -g @membranehq/cli@latest. Installing a CLI from the npm registry is standard for such tooling but is a moderate-risk operation compared to instruction-only skills because it writes code to disk and may require elevated privileges if run as root.
- Credentials: ok. The skill declares no required environment variables or primary credential. The CLI-based auth flow (browser-based or code exchange) is appropriate for obtaining the Jotform access the skill needs; no extraneous credentials are requested.
- Persistence & Privilege: ok. The skill is not always-included and does not request system-wide config paths. It relies on Membrane to manage credentials. Autonomous invocation is allowed (default) which is normal — there is no additional persistent or privileged presence requested by the skill itself.
