Logoraisr
Analysis
This is a disclosed Membrane-based Logoraisr integration, but it requires installing a CLI, logging into Membrane, and can make credentialed Logoraisr API requests.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.
When the available actions don't cover your use case, you can send requests directly to the Logoraisr API through Membrane's proxy... `-X, --method` | HTTP method (GET, POST, PUT, PATCH, DELETE).
The skill documents a broad authenticated API proxy that can use mutating or deleting HTTP methods. This is disclosed and aligned with an integration skill, but it expands the range of actions beyond prebuilt scoped workflows.
`npm install -g @membranehq/cli` and `npx @membranehq/cli@latest action list --intent=QUERY --connectionId=CONNECTION_ID --json`
The skill depends on an external npm CLI, including a global install and an @latest invocation. This is purpose-aligned, but it is not pinned by the skill artifacts.
Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.
This skill uses the Membrane CLI to interact with Logoraisr. Membrane handles authentication and credentials refresh automatically... `membrane login --tenant`.
The skill requires a Membrane login and delegated Logoraisr connection. That credentialed access is expected for the integration, but it is still account authority the user should understand.