Skill v1.0.1
ClawScan security
Roompricegenie · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 11:09 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions and requirements are coherent with a Membrane-based RoomPriceGenie integration; it mainly requires installing the Membrane CLI and using its login/connect commands.
- Guidance: This skill appears coherent but before installing:
  1) Verify the @membranehq/cli package is the official Membrane CLI on npm and review its repository (the SKILL.md references https://github.com/membranedev/application-skills and https://getmembrane.com).
  2) Installing the CLI globally (npm -g) runs code from the npm registry; prefer installing in a controlled environment (container, VM, or dedicated user) if you have sensitive data on the machine.
  3) The skill relies on interactive/web-based login to Membrane; understand that Membrane will hold the service credentials and act on your behalf.
  4) Confirm that the Membrane connection and actions have the permissions and scope you expect before running them.
  5) The manifest omitted declaring the CLI as a required binary; this is not dangerous but is a small inconsistency to be aware of.
Review Dimensions
- Purpose & Capability (note): The skill claims to integrate with RoomPriceGenie via Membrane and the SKILL.md contains only Membrane CLI commands relevant to that purpose. Minor mismatch: the registry metadata lists no required binaries, but the instructions tell the user to install the @membranehq/cli npm CLI; the manifest could have declared that dependency.
- Instruction Scope (ok): SKILL.md limits runtime actions to installing/using the Membrane CLI, authenticating, creating connections, discovering and running actions. It does not ask the agent to read unrelated files, access arbitrary environment variables, or exfiltrate data to unknown endpoints.
- Install Mechanism (note): The skill is instruction-only (no install spec), but instructs users to run npm install -g @membranehq/cli@latest. Installing a global npm package is expected for a CLI but is a moderate-risk operation because it executes code from the public npm registry and modifies the system PATH.
- Credentials (ok): No environment variables or credentials are declared; the document explicitly delegates auth to Membrane and instructs users not to provide API keys. This is proportionate to the stated purpose.
- Persistence & Privilege (ok): always is false and the skill is user-invocable. Autonomous invocation is permitted (the platform default) but is not combined with other red flags here.
