Back to skill
Skillv1.0.3
ClawScan security
Salesmate · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 21, 2026, 3:06 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions, requirements, and actions are internally consistent with a Salesmate integration that uses the Membrane CLI; nothing requested is disproportionate to that purpose.
- Guidance
- This skill appears to do what it claims: it uses the Membrane CLI to integrate with Salesmate. Before installing or following the SKILL.md steps, verify the @membranehq/cli package on npm (publisher, package page, and repository), and prefer installing it in a controlled environment (avoid installing global packages on sensitive systems without review). Expect the authentication flow to open a browser or return a code—you will not be asked to paste Salesmate API keys into the skill. If you need stricter controls, confirm which Membrane account and permissions will be used and review any connection IDs and actions created for appropriate scopes.
Review Dimensions
- Purpose & Capability
- okName/description match the instructions: the SKILL.md directs the agent to use the Membrane CLI to connect to Salesmate and run actions for common CRM entities. There are no environment variables, unrelated binaries, or requests that don't fit a connector integration.
- Instruction Scope
- okThe runtime instructions are narrowly scoped to installing and using the Membrane CLI, authenticating via Membrane, creating a connection to Salesmate, discovering/creating actions, and running those actions. The document does not ask the agent to read unrelated files, system secrets, or transmit data to unexpected endpoints.
- Install Mechanism
- noteAlthough the registry provides no install spec, the SKILL.md instructs users to run `npm install -g @membranehq/cli@latest`. This is a user-side global npm install (moderate risk in general); it's consistent with the skill's purpose but the manifest does not automate or vet that install. Users should verify the @membranehq/cli package source before installing globally.
- Credentials
- okNo environment variables, credentials, or config paths are required by the skill. Authentication is delegated to the Membrane CLI (interactive browser flow or headless code exchange), which is appropriate for a connector skill and avoids asking for raw API keys in the skill instructions.
- Persistence & Privilege
- okThe skill is not always-enabled and does not request elevated platform privileges. It does not modify other skills or system-wide agent settings per the provided SKILL.md. Autonomous invocation is allowed by default (normal) but not combined with other red flags.