Skill v1.0.0
ClawScan security
Lazada · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Apr 22, 2026, 9:15 PM)
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions align with its stated purpose (Lazada integration via the Membrane CLI); nothing requested is disproportionate or unrelated.
- Guidance: This skill is coherent: it uses the Membrane CLI to access Lazada and does not request unrelated secrets. Before installing, verify the @membranehq/cli package and maintainer (check the npm page and the GitHub repo), consider using npx instead of a global npm -g install, and confirm you trust Membrane to handle and store Lazada credentials (review their privacy/security docs). If you require stricter control over credentials, avoid giving the CLI account access or test in an isolated environment first.
Review Dimensions
- Purpose & Capability (ok): The skill is an instruction-only integration that directs the agent to use the Membrane CLI to manage Lazada data. Requiring the Membrane CLI and a Membrane account is coherent with the described functionality; no unrelated credentials, binaries, or system paths are requested.
- Instruction Scope (ok): SKILL.md stays on-topic: install CLI, authenticate (interactive or headless), create/connect a Lazada connection, discover and run actions. It does not instruct reading unrelated files, exporting secrets, or contacting unknown endpoints beyond the Membrane service.
- Install Mechanism (note): There is no formal install spec in the registry, but the README instructs installing @membranehq/cli via npm (global install). Installing an npm package from the public registry is a reasonable choice for a CLI, but npm packages are a moderate-risk install vector — verify the package name/maintainer and prefer npx or local installs to avoid global changes.
- Credentials (ok): The skill declares no required environment variables or secrets. The documentation explicitly states Membrane handles credentials server-side and warns not to request API keys, which is proportional for this connector.
- Persistence & Privilege (ok): The skill is not marked always:true and does not request system-level persistence. Model invocation is allowed (the platform default) but this is not combined with other red flags here.
