Php Point Of Sale
PassAudited by ClawScan on May 10, 2026.
Overview
This appears to be a normal PHP Point of Sale integration, but it can use credentials and affect retail transaction data, so permissions should be checked before use.
Install only if you intend to connect a Membrane/PHP Point of Sale account. Before using it, verify the account permissions and ask the agent to confirm any action that changes sales, payments, purchases, inventory, customers, or other business records.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or overly broad request could create or alter sales, purchase, payment, or inventory-related records if the connected account permits it.
This indicates the skill may be able to perform purchase-like or transaction-changing POS actions. That is coherent with a point-of-sale integration, but higher impact than read-only data access.
Capability signals: can-make-purchases
Use explicit instructions and review/confirm sales, payment, inventory, and purchase-changing operations before allowing them to be submitted.
The agent may act with the privileges of the connected Membrane/PHP Point of Sale account, including access to business and transaction data.
The skill appears to require OAuth or sensitive account access even though the formal credential fields are not populated. This may be normal Membrane-managed auth, but users should verify what scopes the connected account grants.
Primary credential: none ... Capability signals: requires-oauth-token; requires-sensitive-credentials
Connect only a least-privileged account or token, check OAuth scopes, and revoke access when the integration is no longer needed.