v1.0.2

Redis Labs

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:33 AM.

Analysis

This looks like a legitimate Redis Labs/Membrane integration, but it gives broad authenticated API access that can change or delete Redis Labs data.

Guidance: Install only if you trust Membrane and intend this agent to manage your Redis Labs account. Use a least-privileged connection, review raw API requests carefully, and require confirmation before any operation that writes, deletes, or changes account resources.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium; Confidence: High; Status: Concern
SKILL.md
When the available actions don't cover your use case, you can send requests directly to the Redis Labs API through Membrane's proxy... `-X, --method` | HTTP method (GET, POST, PUT, PATCH, DELETE).

The skill exposes a raw authenticated API escape hatch with mutating and destructive methods, not just scoped prebuilt Redis Labs actions.

User impact: A mistaken or overbroad agent action could modify or delete Redis Labs resources or data under the user's authenticated connection.
Recommendation: Prefer prebuilt Membrane actions, use a least-privileged Redis Labs connection, and require explicit user confirmation before POST, PUT, PATCH, DELETE, bulk, or account-level operations.

Agentic Supply Chain Vulnerabilities
Severity: Low; Confidence: High; Status: Note
SKILL.md
`npm install -g @membranehq/cli` ... `npx @membranehq/cli@latest action list ...`

The setup uses a globally installed npm CLI and an unpinned @latest invocation; this is purpose-aligned but relies on npm package provenance and the current published version.

User impact: Installing or running the CLI executes third-party package code on the user's machine.
Recommendation: Verify the package source, consider pinning a known-good CLI version, and install it in a managed or isolated environment if possible.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium; Confidence: High; Status: Note
SKILL.md
Membrane handles authentication and credentials refresh automatically... The user completes authentication in the browser.

The integration depends on delegated authentication and persistent credential refresh through Membrane, which is expected but grants meaningful account authority.

User impact: Commands run through the connection can act with the privileges granted during Redis Labs/Membrane authentication.
Recommendation: Authenticate only to accounts and projects the agent should manage, prefer least-privilege access, and revoke the Membrane connection when no longer needed.