Riskadvisor

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This looks like a legitimate Membrane/RiskAdvisor integration, but it gives the agent broad authenticated API power, including raw update/delete requests, without clear safety limits in the provided artifact.

Before installing, verify the RiskAdvisor domain and Membrane connection, install the CLI from a trusted source, use a least-privileged account, and require explicit approval before any create, update, delete, bulk, or user-management operation.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Medium
What this means

If the agent chooses the wrong endpoint or interprets a request too broadly, it could change or delete RiskAdvisor business data or user/account records.

Why it was flagged

The skill exposes an authenticated raw API escape hatch, including mutating and deleting HTTP methods, for a service that manages business and user data. The provided artifact does not show clear confirmation, scoping, or rollback guidance for high-impact operations.

Skill content

When the available actions don't cover your use case, you can send requests directly to the RiskAdvisor API through Membrane's proxy... HTTP method (GET, POST, PUT, PATCH, DELETE).

Recommendation

Require explicit user confirmation for create, update, delete, bulk, or user-management actions; prefer typed Membrane actions over raw proxy requests; and limit the connected account's permissions where possible.

ASI03: Identity and Privilege Abuse
Low
What this means

The connected Membrane/RiskAdvisor account may continue to authorize API access after setup.

Why it was flagged

The skill requires delegated authentication and ongoing credential refresh through Membrane. This is expected for the integration, but it grants the agent/provider account-level authority.

Skill content

Membrane handles authentication and credentials refresh automatically... membrane login --tenant --clientName=<agentType>

Recommendation

Use a least-privileged account, verify the tenant and connection before authorizing, and revoke the Membrane connection when it is no longer needed.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Future npm package changes could alter behavior compared with what was reviewed here.

Why it was flagged

The skill depends on installing an external npm CLI globally using the latest tag. This is purpose-aligned, but the reviewed artifact does not pin a version or include an install spec.

Skill content

npm install -g @membranehq/cli@latest

Recommendation

Install only from trusted npm sources, consider pinning a known version, and review the Membrane CLI permissions before use.

ASI07: Insecure Inter-Agent Communication
Low
What this means

RiskAdvisor requests, responses, and related business data may pass through Membrane infrastructure.

Why it was flagged

RiskAdvisor API traffic and authentication handling are mediated by Membrane. This is disclosed and central to the skill, but it is a sensitive provider/gateway data boundary.

Skill content

send requests directly to the RiskAdvisor API through Membrane's proxy... injects the correct authentication headers

Recommendation

Confirm that Membrane is an approved processor for the data involved and avoid sending unnecessary sensitive information through raw proxy requests.