Skill v1.0.1
ClawScan security
Oksign · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 11:07 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions and requirements align with its stated OKSign integration purpose; it is an instruction-only wrapper around the Membrane CLI and does not request unexplained credentials or perform unrelated actions.
- Guidance: This skill is an instruction-only wrapper that expects you to use the Membrane CLI to connect to OKSign. Before installing or using it:
  1. Verify you trust the @membranehq/cli npm package and its publisher (review the package and its GitHub repo) before running a global npm install.
  2. Understand that connecting via Membrane authorizes that service to access your OKSign data (documents, templates, users): only connect accounts you are willing to expose to that service.
  3. Be cautious running in headless/shared environments: the login flow prints codes and the CLI may persist locally.
  4. If you need tighter control, consider creating a least-privilege account or testing with non-production data first.
Review Dimensions
- Purpose & Capability (ok): The name/description (OKSign integration: documents, templates, users, teams) matches the SKILL.md, which instructs the agent to use the Membrane CLI to connect to OKSign, list/create actions, and run them. The guidance to install the Membrane CLI is consistent with the described functionality. There are no unrelated credentials, binaries, or config paths requested.
- Instruction Scope (ok): Runtime instructions are limited to installing/using the Membrane CLI (membrane login, membrane connect, membrane action list/run/etc.). The SKILL.md does not direct reading arbitrary host files, environment variables, or external endpoints outside Membrane/OKSign. Note: actions may return document contents and other sensitive OKSign data as part of normal operation; that is expected but worth being aware of.
- Install Mechanism (note): There is no formal install spec in the registry (skill is instruction-only), but the SKILL.md tells users to run 'npm install -g @membranehq/cli@latest'. This is a public npm package install (expected for a CLI). It's not a download-from-arbitrary-URL or an archive extract, but installing a global npm package requires trusting that package and its publisher.
- Credentials (ok): The registry declares no required env vars or credentials. The SKILL.md explicitly says Membrane handles auth server-side and advises against asking users for API keys. That is proportionate. Keep in mind that using the Membrane connection will grant the Membrane service access to your OKSign data per its connector/authorization flow.
- Persistence & Privilege (ok): The skill does not request 'always: true' and does not include install scripts that persist into the agent environment. The only persistent change the doc suggests is the user's manual global installation of the Membrane CLI, which is a normal, user-initiated action. Autonomous invocation is allowed (default) but not combined with other red flags here.
