Skill v1.0.0

ClawScan security

Jst Erp · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 22, 2026, 1:44 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's instructions, requirements, and install steps are coherent with a JST ERP integration using the Membrane CLI; nothing requested appears unrelated to the stated purpose.
Guidance
This skill is coherent: it uses the Membrane CLI to manage JST ERP actions and asks only for network access and a Membrane account. Before installing, confirm you trust the @membranehq npm package and the Membrane service (review their repo, package ownership, and privacy/credential handling). To reduce risk, prefer using npx or a local install instead of a global npm -g install, and ensure you understand where connection credentials are stored (Membrane server-side) before creating connections.

Review Dimensions

Purpose & Capability
ok: The skill is an instruction-only integration that directs the agent to use the Membrane CLI to connect to a JST ERP connector. Requested capabilities (network access, Membrane account, installing @membranehq/cli) align with the described purpose; there are no unrelated credentials, binaries, or config paths required.
Instruction Scope
ok: SKILL.md stays on-topic: it instructs installing and using membrane commands (login, connect, action list/run/create). It does not instruct reading arbitrary local files, harvesting environment variables, or sending data to unexpected endpoints beyond Membrane. Headless auth and polling guidance are documented and appropriate for the stated flows.
Install Mechanism
note: Installation is via npm (npm install -g @membranehq/cli and npx usage). This is a common and reasonable approach for a CLI, but global npm installs carry the usual supply-chain risk; verify the @membranehq package and prefer npx or a scoped/local install if you want to avoid global installs.
Credentials
ok: No environment variables or secrets are required by the skill. The documentation explicitly recommends letting Membrane manage credentials and not asking users for API keys, which is proportionate for a connector-based integration.
Persistence & Privilege
ok: The skill is not forced-always, does not request elevated system persistence, and does not modify other skills' configurations. It relies on Membrane to create and store connections (server-side), which is expected behavior for this integration.