ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Splunk

v1.0.0

Splunk integration. Manage data, records, and automate workflows. Use when the user wants to interact with Splunk data.

1· 63·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description (Splunk integration) match the instructions: all actions are performed via the Membrane CLI and Membrane connections/proxy to Splunk. Required capabilities (network access and a Membrane account) are appropriate for this purpose.
Instruction Scope
SKILL.md only instructs the agent/user to install and use the Membrane CLI, authenticate via browser, create connections, list/run actions, and proxy API requests to Splunk. It does not direct the agent to read unrelated files or environment variables, nor to transmit data to unknown endpoints beyond Membrane's service.
Install Mechanism
The skill recommends installing @membranehq/cli via 'npm install -g'. This is a public npm package (traceable) and expected for a CLI integration, but global npm installs carry normal supply-chain and privilege risks; using npx or reviewing the package source before global install is advisable.
Credentials
The skill declares no required environment variables or local credentials. Authentication is delegated to Membrane (browser login / connector flow), so there is no disproportionate request for unrelated secrets in the skill itself.
Persistence & Privilege
The skill is not always-enabled and permits normal autonomous invocation. There is no instruction to modify other skills or system-wide config; persistence and privileges are appropriate for an integration skill.
Assessment
This skill is coherent: it delegates Splunk access to the Membrane service and guides you to install the @membranehq/cli and authenticate via browser. Before installing or using it, confirm you trust Membrane (review their privacy/security, hosting region, and whether they retain or log proxied data). Prefer running 'npx @membranehq/cli' or inspecting the package source instead of a global npm install if you want to avoid adding a global binary. Review the connector permissions in your Splunk/Tenant when you create a connection, and avoid entering Splunk API keys locally since the skill advocates using Membrane-managed connections. If you need higher assurance, request the skill author provide the exact npm package homepage/repository and a pointer to Membrane’s security documentation.

Like a lobster shell, security has layers — review code before you run it.

latestvk974jvrx74c81mvthff7c25jyh84bzcn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments