Back to skill
Skillv1.0.3
ClawScan security
Promptmateio · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 22, 2026, 12:01 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requirements and runtime instructions are consistent with a Promptmate.io integration that uses the Membrane CLI; nothing requested is disproportionate to that purpose.
- Guidance
- This skill is coherent: it uses the Membrane CLI to access Promptmate.io and asks you to authenticate through Membrane (browser flow). Before installing: confirm the @membranehq/cli npm package and its publisher, prefer using npx if you don't want a global install, and understand that Membrane will store/manage your connectors and tokens—only use it if you trust that service. Do not paste API keys into chat; follow the described browser/code flow for auth. If you need higher assurance, run the CLI in an isolated environment (container/VM) and review Membrane's privacy and security docs.
Review Dimensions
- Purpose & Capability
- okThe name/description (Promptmate.io integration) matches the instructions: all actions use the Membrane CLI to connect to Promptmate.io. No unrelated credentials, binaries, or system paths are requested.
- Instruction Scope
- okSKILL.md only instructs installing and using the Membrane CLI, logging in via browser/authorization code flow, creating connections, discovering and running actions, and using JSON flags. It does not ask the agent to read local secrets, system files, or send data to unexpected endpoints.
- Install Mechanism
- noteThe skill is instruction-only (no bundled install). It tells users to install @membranehq/cli from the npm registry (npm install -g or npx). Installing an npm CLI runs third-party code on the host (moderate risk); this is expected for a CLI-based integration but users should validate the npm package and publisher.
- Credentials
- okNo environment variables or local credentials are required. Authentication is delegated to Membrane via an interactive browser flow (or authorization code). This is proportionate, but it does require trusting Membrane to manage credentials server-side.
- Persistence & Privilege
- okThe skill does not request always:true, does not modify other skills, and is user-invocable. It relies on the external Membrane service and a locally installed CLI but does not demand persistent elevated privileges within the agent.