Skill v1.0.2
ClawScan security
Octopus Deploy · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 2, 2026, 8:58 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and actions align with its Octopus Deploy integration purpose and there are no unexplained permissions or credentials requested.
- Guidance: This skill is coherent: it proxies Octopus Deploy through the Membrane service and requires you to install and authenticate the Membrane CLI. Before installing, decide whether you trust Membrane (getmembrane.com) to hold your Octopus credentials and to proxy requests. Prefer using npx (the SKILL.md already shows npx in examples) or verifying the @membranehq/cli npm package and its maintainer before running a global npm install, since global npm installs can run postinstall scripts. Also be aware the CLI opens a browser-based login flow; do not enter credentials on unknown sites. If you don't trust Membrane or the npm package, do not install — otherwise this skill appears to do what it claims.
Review Dimensions
- Purpose & Capability: ok. Name/description say it's an Octopus Deploy integration and the SKILL.md exclusively instructs using the Membrane CLI to connect, discover actions, run actions, and proxy requests to Octopus — these requirements are coherent and expected for that purpose.
- Instruction Scope: ok. Runtime instructions only cover installing/using the Membrane CLI, logging in via the browser, creating a connector, listing/running actions, and proxying API requests. The instructions do not ask the agent to read unrelated files, environment variables, or system configuration.
- Install Mechanism: note. The SKILL.md recommends `npm install -g @membranehq/cli` (public npm). That is a common, traceable install method but carries the usual supply-chain considerations of global npm packages and postinstall scripts. The registry metadata contains no automated install spec — nothing will be written automatically by the platform.
- Credentials: ok. The skill declares no required env vars or credentials. Authentication is performed via Membrane's browser-based login flow and managed server-side per the doc; this is proportionate to its stated function.
- Persistence & Privilege: ok. Skill is not always-enabled and does not request elevated or persistent system privileges. Platform flags are default (user-invocable, model invocation allowed). It does not instruct modifying other skills or system-wide agent config.
