Simplero

Review

Audited by ClawScan on May 10, 2026.

Overview

This looks like a real Simplero/Membrane integration, but it exposes broad authenticated API commands that could change or delete Simplero data without clear built-in limits.

Install only if you are comfortable connecting Simplero through Membrane. Before allowing the agent to make changes, require explicit confirmation for any create, update, or delete action, and avoid raw proxy requests unless the endpoint, method, and payload are clear.

Findings (4)

This is an artifact-based, informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken, overbroad, or hijacked request could modify or delete Simplero customer, product, email, or automation data.

Why it was flagged

This gives the agent an authenticated raw API escape hatch, including write and delete methods, without clear scoping, safeguards, or confirmation rules in the artifact.

Skill content

“you can send requests directly to the Simplero API through Membrane's proxy” ... “injects the correct authentication headers” ... “HTTP method (GET, POST, PUT, PATCH, DELETE)”

Recommendation

Prefer discovered, schema-described actions; require explicit user approval for POST/PUT/PATCH/DELETE requests; and document allowed endpoints, request bodies, and rollback expectations.

What this means

The agent may be able to keep using the authorized Simplero connection through Membrane until the connection is revoked or disconnected.

Why it was flagged

The skill uses delegated authentication and refreshed credentials, which is expected for a Simplero integration but gives the integration continuing account-level authority.

Skill content

“Membrane handles authentication and credentials refresh automatically” and “membrane login --tenant --clientName=<agentType>”

Recommendation

Use the least-privileged Simplero account available, review what permissions Membrane receives, and revoke the connection when it is no longer needed.

What this means

The behavior may depend on the current published CLI version rather than code reviewed with this skill.

Why it was flagged

The skill relies on installing the latest global Membrane CLI, whose exact version and code are not pinned or included in the artifact scan.

Skill content

“npm install -g @membranehq/cli@latest”

Recommendation

Install from a trusted package source, consider pinning a known CLI version, and review Membrane CLI provenance before use.

What this means

Simplero data returned by API calls may pass through Membrane as part of the integration workflow.

Why it was flagged

Simplero API traffic and authentication flow through the Membrane gateway, which is disclosed and purpose-aligned but creates a third-party data boundary users should understand.

Skill content

“send requests directly to the Simplero API through Membrane's proxy”

Recommendation

Review Membrane's security and privacy terms, and avoid sending unnecessary sensitive Simplero data through proxy requests.