Skill v1.0.3
ClawScan security
Mixmax · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 4:02 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only Mixmax integration that consistently delegates authentication and API calls to the Membrane CLI/service; its requirements and instructions align with its stated purpose.
- Guidance: This skill is instruction-only and delegates network and auth to the Membrane service/CLI. Before installing or running: verify the npm package (@membranehq/cli) and upstream project (getmembrane.com / the GitHub repo) are trustworthy; prefer installing the CLI in an isolated environment if you have security concerns; do not paste one-time auth codes into untrusted third-party forms or chat windows; and understand that the Membrane service will manage access to your Mixmax account (you'll authenticate via a browser flow).
Review Dimensions
- Purpose & Capability: ok. Name and description match the instructions: the skill is a Mixmax integration implemented by calling the Membrane CLI. Required resources (network and a Membrane account) are reasonable and expected for this functionality.
- Instruction Scope: ok. SKILL.md limits actions to installing and using the Membrane CLI, logging in, creating a Mixmax connection, discovering and running actions. It instructs the user/agent to open auth URLs and pass one-time codes, which is appropriate for OAuth-like flows and does not ask the agent to read unrelated files or secrets.
- Install Mechanism: note. There is no built-in install spec, but the docs recommend `npm install -g @membranehq/cli@latest`. A global npm install is a standard way to get a CLI but it executes code from the public npm registry — this is expected for a CLI but users should verify the package name/maintainer and be mindful that npm packages run arbitrary install scripts.
- Credentials: ok. The skill declares no required environment variables or credentials and relies on Membrane to manage auth. That is proportionate: OAuth-style flows via the CLI are reasonable for this integration. No unrelated secrets are requested.
- Persistence & Privilege: ok. The skill is not always-on and does not request elevated platform privileges. It only instructs using the Membrane CLI for auth and connections and does not modify other skills or system-wide agent settings.
