Linqs
ReviewAudited by ClawScan on May 10, 2026.
Overview
Linqs is a disclosed Membrane-based integration, but it gives broad authenticated API access that can change or delete business data and has some scope ambiguity the user should review.
Install only if you trust Membrane and have verified the correct Linqs domain and data scope. Use a least-privilege or test account where possible, require confirmation before any create/update/delete or raw proxy request, and consider pinning the CLI version rather than using @latest.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
You could authorize or use the skill believing it manages one category of business data while the documented operations expose a different set of account resources.
The stated capability scope and the listed operations do not line up clearly, making it ambiguous which Linqs data the skill is meant to handle.
description: ... Manage Persons, Organizations, Deals, Leads, Activities, Notes and more ... ## Linqs Overview ... Link ... Create Link ... Delete Link ... Page ... User ... Account ... Analytics
Verify that this is the correct Linqs service, domain, and data scope before authenticating or allowing mutations.
If the agent chooses the wrong endpoint, method, or input, it could change or delete Linqs business/account data.
This exposes a broad authenticated API escape hatch, including destructive methods, rather than only predefined scoped actions.
send requests directly to the Linqs API through Membrane's proxy... HTTP method (GET, POST, PUT, PATCH, DELETE)
Require explicit user confirmation for create/update/delete/proxy requests, prefer predefined actions, and avoid raw proxy calls unless the endpoint and impact are clearly reviewed.
Actions taken through the skill may run under your authenticated Membrane/Linqs account.
The skill uses delegated Membrane/Linqs authentication and refreshed credentials, which is expected for the integration but grants account-level authority.
Membrane handles authentication and credentials refresh automatically... membrane login --tenant --clientName=<agentType>
Use the least-privileged account or connection available, review requested access during login, and revoke the connection when it is no longer needed.
You would be running externally supplied CLI code on your machine under your user account.
The setup relies on installing the latest Membrane CLI package globally from npm; this is purpose-aligned but unpinned and changes over time.
npm install -g @membranehq/cli@latest
Install only if you trust the Membrane CLI source, consider pinning a known version, and use a controlled environment if possible.
Business data sent to or returned from Linqs may be handled through the Membrane service.
Requests, responses, and auth handling pass through Membrane as a gateway between the agent and Linqs; this is disclosed and purpose-aligned, but it is an important trust boundary.
through Membrane's proxy... injects the correct authentication headers — including transparent credential refresh
Review Membrane and Linqs privacy/security expectations and avoid sending unnecessary sensitive data through proxy requests.