Skill v1.0.3
ClawScan security
Kingsumo · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 12:27 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only adapter that uses the Membrane CLI to talk to KingSumo; its requirements and instructions are coherent with that purpose and do not ask for unrelated secrets or system access.
- Guidance: This skill is coherent: it delegates auth to Membrane and instructs installing the official Membrane CLI. Before installing, verify the @membranehq/cli package on npm and the legitimacy of getmembrane.com; prefer installing the CLI in an isolated environment (container or dedicated VM) rather than globally if you have security concerns. Be aware the login flow uses a browser/OAuth code — do not paste other credentials into chat. If you need to avoid third-party CLI installs, ask for a direct KingSumo integration or for the actions you need to be executed server-side by a trusted operator.
Review Dimensions
- Purpose & Capability (ok): The name and description state a KingSumo integration and the SKILL.md consistently instructs use of the Membrane CLI to connect to KingSumo. No unrelated environment variables, binaries, or config paths are requested.
- Instruction Scope (ok): The runtime instructions are limited to installing and using the Membrane CLI, performing login, creating a connection, discovering and running actions. They do not instruct reading arbitrary files, accessing unrelated environment variables, or transmitting data to endpoints outside Membrane's flows.
- Install Mechanism (note): There is no formal install spec in the skill bundle, but the SKILL.md tells users to run 'npm install -g @membranehq/cli@latest'. That is expected for this integration, but global npm installs execute third-party code on the host — users should verify the package, trust the publisher, or install in an isolated environment (container/virtualenv) if concerned.
- Credentials (ok): The skill declares no required env vars or credentials. It relies on Membrane to manage auth (browser/OAuth flow) and explicitly advises not to ask users for API keys. Requested access is proportionate to the described purpose.
- Persistence & Privilege (ok): always is false and the skill does not request persistent system-wide privileges or modify other skills. Autonomous invocation is allowed by default on the platform but the skill itself does not elevate privilege or demand permanent presence.
