Skill v1.0.3

ClawScan security

Squarespace · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Apr 21, 2026, 4:03 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it delegates Squarespace access to the Membrane CLI, asks for no unrelated credentials, and its runtime instructions match the described purpose.
Guidance
This skill appears to be what it says: it uses the Membrane CLI to talk to Squarespace and does not ask for unrelated credentials. Before installing, verify you trust the Membrane service and the npm package (@membranehq/cli) publisher, since installing a global npm package writes binaries to your system and the Membrane service will hold OAuth tokens for access to your Squarespace data. If you have privacy or compliance concerns, review the Membrane privacy/security docs and the GitHub repository linked in SKILL.md; otherwise the instruction-only skill is proportionate and coherent.

Review Dimensions

Purpose & Capability
ok
The name/description (Squarespace integration) aligns with the instructions, which use the Membrane CLI to connect to Squarespace, discover and run actions, and manage site data. Required capabilities (network access, Membrane account) are proportional to the stated purpose.
Instruction Scope
ok
SKILL.md confines runtime steps to installing the Membrane CLI, running `membrane login` and `membrane connect --connectorKey squarespace`, discovering/running actions, and polling build state. It does not instruct reading arbitrary local files, asking for unrelated credentials, or exfiltrating data to unexpected endpoints. It explicitly advises against asking users for API keys.
Install Mechanism
note
There is no registry install spec, but the README directs installing @membranehq/cli via `npm install -g`. That is a standard public npm install (moderate risk compared to instruction-only), but users should verify the package name, publisher, and npm registry authenticity before installing global packages.
Credentials
ok
The skill declares no required environment variables, no config paths, and no credentials. The runtime relies on the Membrane service to manage auth, which is proportionate to delegating Squarespace access to a third-party integration layer.
Persistence & Privilege
ok
The skill does not request always:true or other elevated platform privileges. It is user-invocable and can be called autonomously by agents (the default), which is expected; nothing in the skill tries to modify other skills or system-wide settings.