Skill v1.0.3

ClawScan security

Resend · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 5:11 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's instructions, requested resources, and purpose are internally consistent: it uses the Membrane CLI to operate on Resend resources and does not ask for unrelated credentials or system access.
Guidance
This skill appears to do what it says: it uses the Membrane CLI to access Resend resources and does not request unrelated secrets. Before installing or using it, consider: (1) verify and review the @membranehq/cli package on npm and its source repository (installing unpinned @latest carries supply-chain risk); (2) prefer installing the CLI in a controlled environment (container or non-root) if you have security concerns about global npm installs; (3) be prepared to complete a browser-based login or to paste an authentication code in headless environments; (4) do not share Resend API keys directly with the agent; follow the SKILL.md guidance to create a Membrane connection so Membrane manages credentials. If you want stronger assurance, ask the publisher for a verifiable source (a verified homepage or signed package) or a pinned release/version for the CLI.

Review Dimensions

Purpose & Capability
ok: The name/description (Resend integration) match the instructions: the SKILL.md describes using Membrane to manage Resend Email/Domain/API Key resources. There are no unrelated environment variables, binaries, or config paths requested.
Instruction Scope
note: Instructions are scoped to installing and using the Membrane CLI (login, connect, action list/run). They do not instruct reading unrelated files or exporting secrets. Note: the doc tells operators to globally install an npm CLI and to perform browser-based auth or copy a code in headless flows; these are expected for this integration but will cause local changes and require user interaction.
Install Mechanism
note: There is no formal install spec in the registry (this is instruction-only). The SKILL.md recommends npm install -g @membranehq/cli@latest. Installing an unpinned global npm package has normal supply-chain risks; this is proportionate to the stated purpose but worth verifying (review the npm package and source) before installing system-wide.
Credentials
ok: The skill declares no required env vars or credentials. The instructions explicitly advise letting Membrane manage API keys rather than asking the user for Resend credentials. Requiring a Membrane account and network access is proportionate to the integration.
Persistence & Privilege
ok: "always" is false and the skill does not request persistent system privileges or configuration changes beyond installing the Membrane CLI (which is an operator action). The skill can be invoked autonomously by the agent (default), but there are no other combined red flags that would make that dangerous.