Nango
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill appears to be a legitimate Nango/Membrane integration, but it grants broad authenticated API access that could change or delete Nango data without documented safeguards.
Before installing, confirm you trust the Membrane CLI and only connect an account with permissions you are comfortable giving the agent. Be especially careful with raw proxy requests or any POST, PUT, PATCH, or DELETE operation, and ask the agent to show the exact endpoint and payload before it runs them.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used carelessly, the agent could modify or delete Nango connections, users, groups, or related account data.
This gives the agent a broad authenticated API escape hatch, including destructive methods, without documenting approval requirements, endpoint limits, or safeguards.
When the available actions don't cover your use case, you can send requests directly to the Nango API through Membrane's proxy... `-X, --method` | HTTP method (GET, POST, PUT, PATCH, DELETE).
Require explicit user confirmation for mutating requests, prefer scoped Membrane actions, and document allowed endpoints and rollback expectations.
The agent may be able to act with the permissions of the connected Membrane/Nango account.
The skill uses delegated Membrane/Nango account authentication. This is purpose-aligned, but it grants ongoing authenticated access through Membrane.
Membrane handles authentication and credentials refresh automatically... `membrane login --tenant`
Use a least-privileged account or tenant, verify which connection is selected, and revoke unused connections when finished.
Users must trust the external npm package and whichever version is installed or fetched at runtime.
The skill depends on an external CLI package installed globally or run via @latest, while no package code is included in the reviewed artifact set.
`npm install -g @membranehq/cli` ... `npx @membranehq/cli@latest action list --intent=QUERY --connectionId=CONNECTION_ID --json`
Install from the official package source, consider pinning a known version, and avoid running the CLI from untrusted environments.
