Skill v1.0.3
ClawScan security
Netsuite · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 11:46 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's declared purpose (NetSuite integration) matches its instructions (use the Membrane CLI and account); nothing requested or instructed is disproportionate to that purpose.
- Guidance
- This skill is coherent for NetSuite access via the Membrane platform, but before installing: 1) Review and trust the @membranehq/cli npm package: pin a known-good version instead of @latest and inspect the package's source repository. 2) Understand that using the CLI creates and authenticates connections that grant Membrane access to your NetSuite data; verify the connector's scopes and use a least-privilege NetSuite account or role. 3) In headless flows you paste an authorization code into the CLI; confirm that the authorization URL you open is an official Membrane URL before authenticating. 4) Monitor connections and credentials, and revoke them when they are no longer needed. If you need higher assurance, review the referenced GitHub repository and verify the package tarball's integrity hash before global installation.
Review Dimensions
- Purpose & Capability
- ok: Name and description state a NetSuite integration, and the SKILL.md consistently instructs use of the Membrane CLI to connect to NetSuite. Required capabilities (network access, Membrane account, Membrane CLI) are proportional to the stated purpose.
- Instruction Scope
- ok: Runtime instructions are limited to installing and using the Membrane CLI, authenticating via browser/authorization URL, creating and listing connections, discovering and running actions, and best practices. The instructions do not ask the agent to read unrelated files, access unrelated environment variables, or transmit data to unexpected endpoints beyond Membrane and the NetSuite connector.
- Install Mechanism
- note: The skill is instruction-only (no install spec), but the SKILL.md tells users to install @membranehq/cli from the public npm registry (npm install -g @membranehq/cli@latest). Installing a public npm CLI is expected here, but it writes code to disk and executes third-party code, including any install-time lifecycle scripts the package declares; with @latest, the code installed is whatever the registry serves at install time. This is a moderate but expected risk. There is no opaque download URL or extract step.
- Credentials
- ok: The skill declares no required environment variables or credentials. Authentication is delegated to Membrane (interactive browser flow or headless authorization code), which is consistent with an integration that centralizes auth. There are no unrelated credential requests.
- Persistence & Privilege
- ok: The skill is not always-enabled (always: false) and has no install-time hooks or code files that persist beyond the user installing the Membrane CLI themselves. It does not request elevated platform privileges or modify other skills or configurations.
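The Guidance above asks for a pinned version and a checksum check before global installation, and the Install Mechanism note explains why @latest is the weak spot. The script below is an added example of how to do that at the shell, written for this review; it is not part of the skill, the Membrane project, or ClawHub. It assumes npm and openssl are on PATH. It uses the npm registry's own integrity format (an SRI string, sha512 over the tarball, base64-encoded), which is what npm view dist.integrity and npm pack report; the function names and the RUN_NETWORK guard are this example's own conventions. The network steps (npm view, npm pack, npm install -g) are opt-in so the verification functions can be tested offline against a constructed file.

```shell
#!/bin/sh
# Added example (not the skill's or Membrane's code): pin @membranehq/cli to a
# concrete version and verify the downloaded tarball's integrity before
# `npm install -g`. Assumes npm and openssl are available.
set -eu

PKG="@membranehq/cli"

# Compute an npm-style Subresource Integrity string (sha512-<base64>) for a file.
compute_sri() {
  printf 'sha512-%s' "$(openssl dgst -sha512 -binary "$1" | base64 | tr -d '\n')"
}

# Return 0 only if the file's SRI matches the expected string exactly.
verify_sri() {
  actual=$(compute_sri "$1")
  if [ "$actual" = "$2" ]; then
    return 0
  fi
  echo "integrity mismatch for $1" >&2
  echo "  expected: $2" >&2
  echo "  actual:   $actual" >&2
  return 1
}

# Step 1 (network): resolve what @latest points at today and record the
# registry's integrity for that exact version. Run once, review the source
# repository for that version, then keep the two values with the skill.
record_pin() {
  version=$(npm view "$PKG" version)
  integrity=$(npm view "$PKG@$version" dist.integrity)
  printf 'PINNED_VERSION=%s\nPINNED_INTEGRITY=%s\n' "$version" "$integrity"
}

# Step 2 (network): download the pinned tarball without installing it, check
# it against the recorded integrity, and only then install that tarball.
install_pinned() {
  pinned_version=$1
  pinned_integrity=$2
  workdir=$(mktemp -d)
  # `npm pack` writes <scope>-<name>-<version>.tgz into the current directory.
  ( cd "$workdir" && npm pack "$PKG@$pinned_version" >/dev/null )
  tarball=$(ls "$workdir"/*.tgz)
  verify_sri "$tarball" "$pinned_integrity"
  # Install the verified file itself, not a fresh registry resolution.
  npm install -g "$tarball"
  rm -rf "$workdir"
}

# Network steps are opt-in so this file can be sourced and tested offline:
#   RUN_NETWORK=1 sh pin.sh                       -> prints the pin to record
#   RUN_NETWORK=1 PINNED_VERSION=x.y.z PINNED_INTEGRITY=sha512-... sh pin.sh
if [ "${RUN_NETWORK:-0}" = 1 ]; then
  if [ -z "${PINNED_VERSION:-}" ]; then
    record_pin
  else
    install_pinned "$PINNED_VERSION" "${PINNED_INTEGRITY:?set PINNED_INTEGRITY}"
  fi
fi
```

The point of splitting the two steps is that the review happens between them: the integrity value is captured once, against a version whose repository you inspected, and every later install is checked against that recorded value rather than against whatever the registry serves at install time. A mismatch means either the registry tarball changed or you are about to install a different version than the one reviewed; either way the install is refused before any lifecycle script runs.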
