Skill v1.0.3
ClawScan security
Marketo · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 12:06 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and install steps are coherent with a Marketo integration that uses the Membrane CLI; nothing requested appears unrelated to its stated purpose.
- Guidance: This skill appears internally consistent and reasonable for interacting with Marketo via Membrane. Before installing: (1) verify the @membranehq/cli package and publisher (consider checking the npm package page and repository and pinning a version instead of using `@latest`); (2) perform the install in a controlled environment (or use a container) if you don't want global npm packages installed system-wide; (3) when connecting Marketo, review and limit OAuth scopes and permissions to the minimum required; (4) be aware that the CLI runs with your user privileges and that Membrane will hold access to your Marketo data — confirm you trust that third party. If you want further assurance, request the official Membrane CLI repo/package checksum or install instructions from the vendor site before proceeding.
Review Dimensions
- Purpose & Capability: ok. The name/description (Marketo integration) matches the SKILL.md: it instructs use of the Membrane CLI to manage Marketo resources. The skill declares network access and a Membrane account, and it does not ask for unrelated credentials or files.
- Instruction Scope: ok. Instructions are narrowly scoped: install CLI, authenticate via Membrane, create/connect a Marketo connection, list/search/create/run actions. They do not direct the agent to read unrelated system files, environment variables, or transmit data to unexpected endpoints. Headless auth requires the user to paste a code, which is a standard OAuth flow.
- Install Mechanism: note. The SKILL.md tells users to run `npm install -g @membranehq/cli@latest`. Installing a global npm package is a reasonable way to get a CLI, but it runs remote code on the user's machine and therefore carries moderate risk. This is proportionate for a CLI-based integration but users should verify the package provenance and consider pinning a specific version rather than installing `@latest` globally.
- Credentials: ok. The skill requests no environment variables or local secrets. It relies on Membrane to manage credentials server-side, which aligns with the guidance in the README. Note: connecting a Marketo account will grant Membrane (and therefore the CLI/connection) access to Marketo data — review OAuth scopes and account-level permissions before connecting.
- Persistence & Privilege: ok. The skill does not request permanent 'always' inclusion (always: false), does not modify other skills' configs, and has no install artifacts in the skill bundle (instruction-only). Autonomous invocation is allowed but this is the platform default.
