Skill v1.0.3
ClawScan security
Screendesk · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 12:58 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and install steps are consistent with a Screendesk integration that uses the Membrane CLI; nothing requested appears disproportionate to the stated purpose.
- Guidance: This skill appears coherent: it delegates auth and API calls to the Membrane CLI rather than asking for your API keys. Before installing, verify you trust the @membranehq/cli package (check the npm package page and the linked GitHub repository), and prefer installing/running CLI tools in a sandboxed environment if you have security concerns. Note that installing a global npm package runs code on your machine; if you cannot validate the package source, consider using npx per-invocation or running inside a container/VM.
Review Dimensions
- Purpose & Capability (ok): The skill is an integration for Screendesk and all runtime instructions use the Membrane CLI to connect, discover, build, and run actions against Screendesk. Requesting the Membrane CLI and network access is coherent with that purpose.
- Instruction Scope (ok): SKILL.md limits runtime actions to installing/using the Membrane CLI, logging in (browser or headless OAuth flow), creating/listing connections, and running Membrane actions. It does not instruct reading unrelated files, accessing unrelated env vars, or exfiltrating data to unexpected endpoints.
- Install Mechanism (note): The install recommendation is npm install -g @membranehq/cli@latest (and examples using npx). Installing a global npm package is a common pattern for CLIs but does execute code on the host and pulls from the public npm registry; users should ensure they trust the package and review its source/release provenance before installing globally.
- Credentials (ok): The skill declares no required env vars, no secrets, and relies on Membrane to handle auth. That is proportionate: a connector skill typically delegates credentials to the integration layer rather than asking for unrelated tokens.
- Persistence & Privilege (ok): The skill is instruction-only, has no always:true flag, and does not request modification of other skills or system-wide settings. It does require the user to install a CLI which will persist on disk, but that is normal for a CLI-based integration.
