Skill v1.0.3
ClawScan security
Sierra Interactive · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 7:06 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions and requirements align with its stated purpose: it delegates Sierra Interactive access to the Membrane CLI and does not ask for unrelated credentials or unusual system access.
- Guidance: This skill is coherent: it relies on the Membrane CLI and a Membrane account to mediate access to Sierra Interactive. Before installing, verify the `@membranehq/cli` package and its publisher on the npm registry, and check Membrane's documentation and repository (the skill provides homepage and repository links) so that you trust the upstream project. Be aware that you will run a global npm install and go through a login flow (browser-based or a headless code exchange); do not hand over unrelated API keys or system credentials during that flow. If you need stronger supply-chain safety, ask for a pinned CLI version instead of `@latest`, and confirm that the GitHub repository owner and the npm package owner match the vendor you expect.
Review Dimensions
- Purpose & Capability [ok]: The name and description (Sierra Interactive integration) match the instructions: install the Membrane CLI, authenticate, create or connect a Sierra connector, and run Membrane actions. No unrelated credentials, binaries, or system paths are requested.
- Instruction Scope [ok]: SKILL.md only instructs installing the Membrane CLI, logging in, connecting to the Sierra connector, discovering and running actions, and creating actions when needed. It does not instruct reading unrelated files, exposing system credentials, or sending data to unexpected endpoints. The headless auth flow is described and requires user interaction.
- Install Mechanism [note]: This is an instruction-only skill (no install spec). It tells the user to run `npm install -g @membranehq/cli@latest`. Installing a global npm package is a normal client-side step, but an unpinned `@latest` spec carries the usual supply-chain risk: whatever version carries the `latest` tag at install time is what runs. Verify the package and publisher before installing, and prefer an exact version.
- Credentials [ok]: The skill declares no required environment variables or secret keys. Authentication is delegated to Membrane's login flow, which is proportionate to the described functionality.
- Persistence & Privilege [ok]: The registry flags show no forced persistence (`always: false`) and no unusual privileges. The CLI installation is a user action, and any local tokens would be created by the CLI itself, which is expected for an external tool.
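The pre-install verification recommended in the Guidance and Install Mechanism entries above can be scripted. The following is an added example, not part of the ClawHub scan output or of Membrane's own tooling: it parses the JSON document that `npm view <package> --json` prints and flags an unpinned `@latest` spec, a repository that does not point at the expected GitHub owner, maintainers outside an allow-list, and a missing sha512 integrity hash. `SAMPLE_META` is constructed for illustration (its version, maintainer and hash are placeholders, not real registry data), and the expected owner `membranehq` and maintainer `example-publisher` are assumptions to replace with values you have verified out of band.

```python
"""Pre-install supply-chain check for a global npm CLI (added example).

Reads the JSON that `npm view <package> --json` prints and applies the
checks recommended in the scan guidance: the install spec is pinned to an
exact version rather than `@latest`, the package's repository points at the
GitHub owner you expect, every maintainer is on your allow-list, and the
tarball carries a sha512 integrity hash you can record for later installs.

Assumptions (not from the scan report): the field names below follow npm's
registry document (name, version, dist-tags, repository, maintainers,
dist.integrity); SAMPLE_META is constructed, and the expected owner and
maintainer names are placeholders.
"""
from __future__ import annotations

import json
import re
import subprocess
from typing import Optional
from urllib.parse import urlparse

# Exact semver only ("@scope/name@1.2.3" or "name@1.2.3"); tags and ranges fail.
PINNED_RE = re.compile(r"^(@[^/@]+/)?[^/@]+@\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$")


def is_pinned(spec: str) -> bool:
    """True only for an exact version, e.g. '@membranehq/cli@1.4.2'."""
    return PINNED_RE.match(spec) is not None


def repo_owner(repository) -> Optional[str]:
    """GitHub owner from npm's `repository` field (dict with 'url', or a bare string).
    Returns None for a missing field or a non-GitHub host."""
    url = repository.get("url") if isinstance(repository, dict) else repository
    if not url:
        return None
    url = url.removeprefix("git+")
    if url.startswith("git@github.com:"):  # scp-style ssh URL
        host, path = "github.com", url.split(":", 1)[1]
    else:
        parsed = urlparse(url)
        host, path = parsed.netloc.lower(), parsed.path
    if host != "github.com":
        return None
    parts = [p for p in path.strip("/").split("/") if p]
    return parts[0] if parts else None


def maintainer_names(meta: dict) -> set[str]:
    """npm lists maintainers as {"name", "email"} objects or 'name <email>' strings."""
    names = set()
    for m in meta.get("maintainers", []):
        names.add(m["name"] if isinstance(m, dict) else m.split(" <", 1)[0])
    return names


def audit(meta: dict, requested_spec: str, expected_owner: str,
          allowed_maintainers: set[str]) -> list[str]:
    """Return a list of findings; an empty list means the metadata passed."""
    findings = []
    if not is_pinned(requested_spec):
        findings.append(f"unpinned spec {requested_spec!r}: pin to "
                        f"{meta['name']}@{meta['version']}")
    owner = repo_owner(meta.get("repository"))
    if owner is None:
        findings.append("repository field missing or not on github.com")
    elif owner.lower() != expected_owner.lower():
        findings.append(f"repository owner {owner!r} != expected {expected_owner!r}")
    unexpected = maintainer_names(meta) - allowed_maintainers
    if unexpected:
        findings.append(f"maintainers outside allow-list: {sorted(unexpected)}")
    integrity = meta.get("dist", {}).get("integrity", "")
    if not integrity.startswith("sha512-"):
        findings.append("no sha512 integrity hash in dist metadata")
    return findings


def fetch_meta(spec: str) -> dict:
    """Live lookup through the npm CLI (needs network); the sample below avoids it."""
    out = subprocess.run(["npm", "view", spec, "--json"],
                         check=True, capture_output=True, text=True).stdout
    return json.loads(out)


# Constructed sample in the shape `npm view @membranehq/cli --json` returns.
# Version, maintainer and hash are placeholders, not real registry data.
SAMPLE_META = json.loads("""
{
  "name": "@membranehq/cli",
  "version": "1.4.2",
  "dist-tags": {"latest": "1.4.2"},
  "repository": {"type": "git", "url": "git+https://github.com/membranehq/cli.git"},
  "maintainers": [{"name": "example-publisher", "email": "publisher@example.com"}],
  "dist": {"integrity": "sha512-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"}
}
""")

if __name__ == "__main__":
    # Assumed expected values; replace with what you verified on GitHub and npm.
    for spec in ("@membranehq/cli@latest", "@membranehq/cli@1.4.2"):
        print(spec, audit(SAMPLE_META, spec, "membranehq", {"example-publisher"}))
```

Run it once against the live metadata (`fetch_meta("@membranehq/cli")`) after you have confirmed the owner and maintainer names by hand; a clean result for the pinned spec is what you want before running the global install, and the recorded `dist.integrity` value lets you detect a republished tarball on a later machine.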
