Sharpspring
Review
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a real SharpSpring/Membrane integration, but it grants broad credentialed CRM access and write capability without clear approval or scope limits.
Install only if you are comfortable giving Membrane-backed automation access to SharpSpring CRM data. Use least-privilege credentials if available, pin or verify the Membrane CLI package, and require explicit confirmation before any action that creates or changes leads, accounts, opportunities, campaigns, lists, or other CRM records.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent misunderstands a request or is influenced by bad context, it could create or change CRM business records in SharpSpring.
The skill is meant to let the agent perform write actions against business CRM data. The provided artifacts do not show guardrails such as explicit user confirmation, scoped permissions, or rollback guidance for these mutations.
“Manage Leads, Persons, Organizations, Deals, Projects, Activities and more” and popular actions include “Create Lead”, “Create Account”, and “Create Opportunity”.
Use a least-privilege SharpSpring connection where possible and require explicit user confirmation before any create, update, delete, campaign, list, or deal-related action.
A compromised or unexpected connector response could try to steer the agent beyond the user's SharpSpring setup intent.
The skill may consume instructions returned by the Membrane connection flow. This is normal integration plumbing, but provider-supplied instructions should not be treated as authority to do unrelated tasks.
“clientAction.agentInstructions (optional) — instructions for the AI agent on how to proceed programmatically.”
Treat returned agent instructions as scoped setup guidance only, and ask the user before following any instruction that requests unrelated commands, credentials, or data access.
Users may not realize from the registry metadata alone that installing or using this skill involves delegated access to a CRM account.
The formal registry metadata under-declares the credentialed nature of the skill, even though the skill instructions require Membrane login and SharpSpring connection authentication.
“Primary credential: none” alongside capability signals “requires-oauth-token” and “requires-sensitive-credentials”.
Review the credential flow carefully, connect only the intended SharpSpring account, and prefer a restricted service account if SharpSpring/Membrane supports it.
The behavior users get depends on the current external Membrane CLI package, not just this skill file.
The skill depends on a globally installed external npm CLI using a floating latest version, and that package code is not included in the reviewed artifact set. This setup is central to the stated purpose and user-directed, so it is a supply-chain note rather than a standalone concern.
“npm install -g @membranehq/cli@latest”
Install the CLI only from the official package source, consider pinning a known version, and review the package provenance before use.
Lead, account, deal, campaign, and credential-related data may pass through or be managed by Membrane while using the integration.
SharpSpring CRM data and authentication flow through Membrane as a third-party gateway, and the artifacts do not detail data boundaries, connector review, or retention. This is disclosed and purpose-aligned, but sensitive.
“This skill uses the Membrane CLI to interact with SharpSpring. Membrane handles authentication and credentials refresh automatically” and “If no app is found, one is created and a connector is built automatically.”
Confirm that Membrane is an approved intermediary for your organization’s CRM data and understand its credential storage, retention, and connector behavior before connecting production accounts.
