Skill v1.0.3
ClawScan security
Loyaltylion · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 11:53 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and requested actions are consistent with its stated purpose (using the Membrane CLI to interact with LoyaltyLion) and it does not ask for unrelated credentials or privileged system access.
- Guidance: This skill appears coherent and limited in scope, but before installing/running anything: 1) verify the npm package (@membranehq/cli) is the official Membrane CLI and review its npm page/maintainer and recent release notes; 2) prefer installing in a controlled environment (not on sensitive production hosts) or use a local package manager alternative; 3) when you run `membrane login`, check the OAuth scopes and the authorization URL you are asked to open — do not paste secrets into channels or public logs; 4) confirm you trust Membrane as a third-party proxy for LoyaltyLion data, since the CLI will manage credentials and talk to Membrane servers; 5) if you need stricter isolation, consider using ephemeral credentials or a dedicated account for the integration. Overall, nothing in the skill itself asks for unrelated credentials or escalated privileges.
Review Dimensions
- Purpose & Capability (ok): The skill's name/description claim to integrate with LoyaltyLion and all instructions are about using the Membrane CLI to connect to LoyaltyLion and run actions. Requiring Membrane (via the CLI) is coherent with the stated purpose.
- Instruction Scope (ok): SKILL.md instructs installing and using the @membranehq/cli, logging in via Membrane's auth flow, creating a connection, discovering and running actions. It does not instruct reading unrelated system files, collecting arbitrary data, or sending data to unexpected endpoints beyond Membrane/LoyaltyLion flows.
- Install Mechanism (note): There is no built-in install spec (instruction-only), but the doc tells users to run `npm install -g @membranehq/cli@latest`. Installing a global npm package is a reasonable way to get a CLI, but it carries the usual risks of installing third-party packages from npm (verify the package source/maintainer).
- Credentials (ok): The skill declares no required environment variables, no credentials, and the instructions explicitly say to let Membrane handle credentials. No disproportionate secret access is requested.
- Persistence & Privilege (ok): The skill is not set to always: true and has no install-time modifications or requests to alter other skills or system-wide settings. It only instructs running the Membrane CLI interactively or via commands.
