Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Pipeline Crm
v1.0.0
PipelineCRM integration. Manage data, records, and automate workflows. Use when the user wants to interact with PipelineCRM data.
by Vlad Ursul @gora050
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the instructions: the skill integrates with PipelineCRM via the Membrane CLI and PipelineCRM API proxy. The actions and workflows described (connectors, actions, proxy requests) are consistent with a CRM integration.
Instruction Scope
Runtime instructions are focused on using the Membrane CLI to authenticate, discover actions, run actions, and proxy arbitrary PipelineCRM API requests. They do not ask the agent to read unrelated local files or secrets. Important note: requests and data are routed through Membrane's service (a third-party proxy), so CRM data will be transmitted to and processed by that external service.
Install Mechanism
There is no formal install spec in the registry metadata, but the SKILL.md directs the user to install an npm package (npm install -g @membranehq/cli) or use npx. Installing a global npm package is a normal but privileged action (may require elevated permissions). The install source is the public npm registry (moderate risk) and is expected for this purpose, but the mismatch between declared 'no install' and the documented install step is an inconsistency.
Credentials
The registry lists no required env vars or credentials, but the SKILL.md clearly requires a Membrane account and browser-based login (credentials managed by the Membrane CLI). The skill does not request unrelated credentials, but it does rely on an external service to store/manage auth — users should be aware of that and of any data the proxy will see.
Persistence & Privilege
The skill does not request always: true and has no special persistence or system-wide privileges. The Membrane CLI will persist its own auth/config locally (normal behavior for a CLI) but the skill does not request modifying other skills or system configs.
Assessment
This skill appears to do what it says (PipelineCRM integration via Membrane), but consider the following before installing:
- Trust & data flow: Using this skill sends CRM requests through Membrane (getmembrane.com). That means your PipelineCRM data and API traffic will be proxied by a third party. Review Membrane's privacy/security policies and confirm you trust the service.
- Installation: SKILL.md tells you to install @membranehq/cli from npm (or use npx), but the registry metadata omitted this requirement. Installing global npm packages may require elevated privileges; prefer npx or a local install if you want to avoid sudo/global installs.
- Credentials: You must sign into a Membrane account via browser-based login; the CLI stores credentials locally. Create a least-privilege/integration account in PipelineCRM where possible rather than using an admin account.
- Verify sources: Check the npm package and the referenced GitHub repository (https://github.com/membranedev/application-skills) to ensure they are legitimate and match the published package.
- Test safely: If concerned, test in an isolated environment or with a sandbox/test PipelineCRM account first.
The main issues are omissions in metadata (required Node/npm and the need for a Membrane account) and the fact that data is proxied by an external service — these are not proof of malice but are important operational and privacy considerations.
Like a lobster shell, security has layers — review code before you run it.
