Skill v1.0.3
ClawScan security
Salesmsg · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 6:07 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and actions are coherent with a Salesmsg integration that uses the Membrane CLI; nothing requested is disproportionate to that purpose.
- Guidance: This skill appears to do what it says: it uses the Membrane CLI to integrate with Salesmsg. Before installing or running commands: (1) verify the @membranehq/cli package and GitHub repo match the official project and review its README and install scripts, (2) prefer using 'npx' for one-off commands if you don't want a global install, (3) be aware the CLI will create local auth state (check where credentials are stored in Membrane docs), and (4) do not paste unrelated secrets into chat—use the browser auth flow the skill describes.
Review Dimensions
- Purpose & Capability (ok): Name/description say it's a Salesmsg integration and all instructions are about using the Membrane CLI to connect and run Salesmsg-related actions. No unrelated services, credentials, or binaries are requested.
- Instruction Scope (ok): SKILL.md stays on-topic: it instructs installing/using the Membrane CLI, authenticating via the provided flow, creating connections, discovering and running actions. It does not ask the agent to read arbitrary files, access unrelated environment variables, or exfiltrate data to unexpected endpoints.
- Install Mechanism (note): The skill recommends installing @membranehq/cli via 'npm install -g ...' and also demonstrates npx usage. Installing a global npm package is a reasonable way to get the CLI but has moderate risk (postinstall scripts, supply-chain issues). The SKILL.md points to a GitHub repo and official homepage, which improves traceability.
- Credentials (ok): No environment variables or credentials are declared or requested. The instructions explicitly direct the user to authenticate via Membrane's browser-based flow so the skill does not ask for API keys or unrelated secrets.
- Persistence & Privilege (ok): The skill does not request always: true, does not modify other skills, and contains no installation hooks in the manifest. It relies on the Membrane CLI which will manage its own local auth state; this is expected for a CLI-based integration.
