Skill v1.0.3
ClawScan security
Smarterpay · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 1:15 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions and requirements are internally consistent: it delegates SmarterPay access to the Membrane CLI, asks the user to authenticate via Membrane, and does not request unrelated credentials or system access.
- Guidance: This skill appears coherent but relies on the Membrane CLI and a Membrane account. Before installing or using it: (1) verify you trust the @membranehq package on npm and the publisher (getmembrane.com); (2) be aware that global npm installs require write permissions and install executable code on your machine; (3) authentication happens via web-based login (or a code you paste) — review the authorization prompts and scopes before approving; (4) do not provide SmarterPay API keys directly (the skill recommends letting Membrane handle credentials); and (5) remember the skill will make network calls and can be invoked by the agent — only enable it if you trust the Membrane service and the publisher.
Review Dimensions
- Purpose & Capability: ok. Name/description (SmarterPay integration) matches the instructions: the SKILL.md consistently instructs the agent/user to use the Membrane CLI to connect to SmarterPay. No unrelated environment variables, config paths, or binaries are requested.
- Instruction Scope: note. SKILL.md instructs installing and running the Membrane CLI, performing interactive or headless login, creating a connection, listing actions, and running actions. The instructions do not ask the agent to read arbitrary files or exfiltrate data. Minor scope note: it requires running CLI commands and browser-based auth flows (or pasting codes in headless flows), which requires user interaction and network access.
- Install Mechanism: note. No bundled install spec in the registry (instruction-only). The SKILL.md asks the user to install @membranehq/cli from npm (npm install -g or npx). Installing a global npm package is a common, but non-trivial, operation (writes to disk and executes code) and is a moderate-risk supply-chain action; the package source appears to be the public npm registry rather than an arbitrary URL.
- Credentials: ok. The skill requests no environment variables or secrets in the manifest. Authentication is delegated to Membrane (server-side managed), and SKILL.md explicitly advises not to ask users for API keys or tokens. Requested access (network + Membrane account) is proportionate to the stated purpose.
- Persistence & Privilege: ok. The skill is instruction-only, does not request always:true, and does not declare writes to other skills or system-wide configuration. Autonomous invocation is permitted by default (platform normal), but the skill itself does not request elevated persistence.
