Skill v1.0.1

ClawScan security

Oneuptime · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Apr 21, 2026, 9:08 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions, requirements, and install advice align with its stated purpose (using the Membrane CLI to interact with OneUptime); nothing requested is disproportionate or unrelated.
Guidance
This skill appears to be what it says: a guide to using the Membrane CLI to talk to OneUptime. Before installing/using it, verify the Membrane CLI package (publisher, GitHub repo, and npm page), prefer installing in a sandbox or container rather than with `-g` on a sensitive system, consider pinning a specific CLI version instead of `@latest`, and use a least-privileged Membrane/OneUptime account for connections. If you need stronger assurances, review the @membranehq/cli source repository and the permissions the CLI requires during login.

Review Dimensions

Purpose & Capability
ok
The name/description (OneUptime integration) matches the SKILL.md: it instructs the agent to install and use the Membrane CLI to connect to OneUptime and run actions. No unrelated credentials, binaries, or paths are requested.
Instruction Scope
ok
Runtime instructions are narrowly scoped to installing the Membrane CLI, logging in, creating/listing connections, discovering and running Membrane actions, and polling build states. The instructions do not ask the agent to read arbitrary system files, access unrelated environment variables, or transmit data to unexpected endpoints.
Install Mechanism
note
This is an instruction-only skill (no install spec enforced), advising `npm install -g @membranehq/cli@latest`. Installing a CLI from npm is a reasonable way to get the required tooling, but global npm installs execute third-party code on the host and pulling `@latest` has some risk (undiscovered changes). This is expected for a CLI integration but users should verify the package source and version before installing.
Credentials
ok
The skill declares no required env vars, no primary credential, and relies on Membrane for auth. That is proportionate: authentication is handled through Membrane login flows rather than the skill asking for unrelated secrets.
Persistence & Privilege
ok
The skill is not set to always:true and does not request any system-wide config changes. It is user-invocable and permits normal autonomous invocation (platform default), which is appropriate for an integration skill.