Skill v1.0.3
ClawScan security
Shopify · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 11:47 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions are consistent with a Shopify integration that delegates auth and API calls to the Membrane CLI/service; nothing requested is disproportionate to that purpose.
- Guidance: This skill appears to be what it says: it uses Membrane to manage Shopify resources. Before installing or using it, verify the @membranehq npm package and the Membrane provider (check the npm publisher and the GitHub repo at https://github.com/membranedev/application-skills). When you run `membrane login`, review the requested OAuth permissions in the browser flow and only authorize accounts you control. Because the SKILL.md tells you to install a global CLI, run that install only on machines you trust. The skill itself does not request local secrets; however, using it grants the Membrane service access to your Shopify data via the connection you create, so confirm that trust and review any Membrane privacy/security docs before proceeding.
Review Dimensions
- Purpose & Capability (ok): Name/description match the instructions: the skill instructs the agent to use the Membrane CLI to interact with Shopify (listing, creating, updating resources). No unrelated credentials, binaries, or system paths are requested.
- Instruction Scope (ok): SKILL.md confines actions to installing/using the Membrane CLI, creating connections, listing/searching/creating actions, and running them. It does not instruct the agent to read unrelated files, exfiltrate environment variables, or call endpoints outside Membrane/Shopify contexts. It explicitly advises not to ask users for API keys.
- Install Mechanism (note): The skill is instruction-only (no install spec in the registry). It tells users to run `npm install -g @membranehq/cli@latest`. This is a standard public npm install but does require trusting the @membranehq package and will install code to the host if the user runs it. Registry metadata does not perform the install automatically.
- Credentials (ok): The skill declares no required environment variables or secrets. Authentication is delegated to Membrane's login flow (browser/headless authorization code) which is appropriate for this integration and avoids asking for direct API keys in the skill instructions.
- Persistence & Privilege (ok): The skill is not forced-always, and does not request system-wide configuration changes. disable-model-invocation is false (normal), so the agent could invoke it autonomously — this is expected for skills and not by itself a problem here.
