ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Loop Returns

v1.0.2

Loop Returns integration. Manage Returns, Merchants, Customers, Integrations. Use when the user wants to interact with Loop Returns data.

0· 68·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description say this integrates with Loop Returns; the SKILL.md exclusively documents using the @membranehq/cli to authenticate and run Loop Returns actions. No unrelated credentials, binaries, or services are requested.
Instruction Scope
Instructions are focused on installing and using the Membrane CLI (login, connect, list/run actions). They do not instruct reading arbitrary files, accessing unrelated environment variables, or exfiltrating data to unexpected endpoints.
Install Mechanism
The skill recommends installing the Membrane CLI via `npm install -g @membranehq/cli`. That is a standard npm-based install (moderate risk compared to instruction-only), and it is expected for a CLI-driven integration. The recommendation is user-executed rather than an automated install in the skill bundle (no install spec present).
Credentials
The skill declares no required env vars or credentials and relies on Membrane for auth. That is proportionate: interacting with Loop Returns via Membrane normally requires a Membrane account and browser-based auth, which the SKILL.md documents.
Persistence & Privilege
always:false (no forced inclusion) and model invocation is allowed (default). This is normal; however, if the agent is given Membrane credentials, autonomous invocation could perform actions against Loop Returns—ensure the account used has appropriate, limited permissions.
Assessment
This skill is instruction-only and uses the Membrane CLI to access Loop Returns — it does not request unrelated secrets or files. Before installing or using it: (1) verify the @membranehq/cli package and the Membrane project (check the NPM page and GitHub repo) to ensure you trust the publisher; (2) prefer installing the CLI in a controlled environment (avoid global installs on shared hosts if you can); (3) use a Membrane account with least privilege for automation (so the agent cannot perform destructive actions); (4) when running auth flows in headless environments, copy and confirm any codes or URLs manually; and (5) if you allow autonomous invocation, be aware the agent could call the CLI and perform Loop Returns operations using whatever account is authenticated — restrict permissions accordingly.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cz1wssv7q9s7dhe218v4cg1843sdn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments