Skill v1.0.3

ClawScan security

Nusii Proposals · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 22, 2026, 1:08 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it integrates Nusii via the Membrane CLI and asks for the expected runtime actions (install CLI, authenticate, create a connection) without requesting unrelated credentials or filesystem access.
Guidance
This skill is coherent but depends on the third-party Membrane service and an npm-distributed CLI. Before installing or using it: (1) verify the @membranehq/cli package and its GitHub repo (check maintainer, recent activity, and issues); (2) prefer npx or pin a specific CLI version instead of npm install -g @latest to reduce supply-chain risk; (3) understand that connecting will grant Membrane access to your Nusii account — review Membrane's privacy/security docs and decide whether you trust that delegation; (4) when using headless auth flows, only paste codes into trusted prompts and avoid sharing them publicly.

Review Dimensions

Purpose & Capability
ok: The name/description (Nusii Proposals) match the instructions: all runtime steps are about using the Membrane CLI to connect to Nusii and run actions. No unrelated binaries, env vars, or config paths are requested.
Instruction Scope
ok: SKILL.md instructs installing the Membrane CLI, running login, creating a connection, discovering and running actions. It does not ask the agent to read arbitrary local files, other env vars, or exfiltrate data to unexpected endpoints. Using a browser/device-auth flow is documented for headless environments.
Install Mechanism
note: The documentation asks users to install @membranehq/cli via npm (npm install -g @membranehq/cli@latest). Installing an npm package is a standard but moderate-risk action (it runs third-party code on the host). This is proportionate to providing a CLI, but users should verify the package source, consider using npx or pinning a version instead of @latest, and inspect the package repository if concerned.
Credentials
note: The skill requests no local environment variables, which aligns with its claim that Membrane manages credentials server-side. However, using this skill means delegating Nusii (and potentially other connected services) access to Membrane — ensure you trust that third party with your Nusii data and review its privacy/security policies.
Persistence & Privilege
ok: The skill is instruction-only, has no install spec in the registry, and does not request always:true or any elevated persistent privileges. Agent-autonomous invocation is enabled (default), which is expected for skills.