Lighthouse
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill can connect to a Lighthouse account and run create/update/delete actions, but its stated purpose is inconsistent with the ticket-management actions it exposes.
Review this skill carefully before installing. Confirm which Lighthouse product it is meant to control, because the documentation references Google Lighthouse auditing while the actions manage tickets and projects on lighthouseapp.com. If you use it, connect only the intended account and require explicit approval before create, update, or delete actions.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may think they are installing a website-auditing helper while actually granting access to project/ticket data that can be changed or deleted.
The skill mixes Google Lighthouse website-auditing language with a Lighthouseapp-style project/ticket management connection and actions. That mismatch can mislead a user about what service and data the agent will actually access or modify.
Lighthouse is a website auditing tool used to improve the quality of web pages... Official docs: https://developers.google.com/web/tools/lighthouse ... membrane connection ensure "https://lighthouseapp.com/" ... Create Ticket ... Update Project ... Delete Ticket
Clarify the exact Lighthouse product, remove the unrelated Google Lighthouse description if inappropriate, and explicitly state the account data and actions the skill can perform.
If invoked too broadly, the agent could create, update, or delete tickets/projects in the connected account.
The instructions expose broad dynamic action execution against the connected account, including mutating and deleting project data. The provided visible artifact does not clearly limit when destructive actions should be run or require explicit user confirmation.
Use action names and parameters as needed. ... Create Ticket ... Create Project ... Update Ticket ... Update Project ... Delete Ticket ... membrane action run <actionId> --connectionId=CONNECTION_ID --input '{"key": "value"}' --json
Require explicit user confirmation for create, update, and delete actions, and document safe scopes, previews, and rollback expectations.
The connected account may remain accessible through Membrane for future agent actions until the connection is revoked.
The skill requires delegated authentication through Membrane and may maintain refreshed credentials. This is expected for the integration, but it is sensitive account authority.
Membrane handles authentication and credentials refresh automatically ... user needs to authenticate (OAuth, API key, etc.).
Connect only the intended account, review the permissions requested during authentication, and revoke the Membrane/Lighthouse connection when no longer needed.
Different users or future installs may run a newer CLI version than the one reviewed here.
The setup uses a globally installed npm CLI package pinned to `latest`. This is user-directed and central to the skill, but it means the installed code can change over time.
npm install -g @membranehq/cli@latest
Prefer a pinned CLI version or verify the package source before installation, especially in sensitive environments.
