Skill v1.0.3
ClawScan security
Terraform · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 1:17 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests and runtime instructions align with its stated purpose: it is an instruction-only wrapper that uses the Membrane CLI to access Terraform via Membrane connectors.
- Guidance: This skill is coherent but you should be aware it requires installing and running the Membrane CLI (npm install -g @membranehq/cli) and authenticating to the Membrane service, which will mediate access to your Terraform data. Before installing: (1) verify the npm package and Membrane service are from sources you trust, (2) review Membrane's privacy/permissions and understand what access the created connection will have to providers and state, and (3) consider running the CLI in an isolated environment if you handle sensitive cloud credentials. Do not share raw provider API keys with the agent; follow the described connection/login flow so Membrane can manage credentials server-side.
Review Dimensions
- Purpose & Capability (ok): Name/description (Terraform integration) match the instructions: the SKILL.md tells the agent to use the Membrane CLI and a terraform connector. No unrelated credentials, binaries, or access are requested.
- Instruction Scope (ok): Instructions focus on installing and using the Membrane CLI, logging in, creating a connection, discovering and running actions. They do not instruct reading arbitrary local files, accessing unrelated env vars, or exfiltrating data to unexpected endpoints. Network access and a Membrane account are explicitly required and justified.
- Install Mechanism (note): There is no formal install spec in the registry metadata, but SKILL.md instructs the user to run 'npm install -g @membranehq/cli@latest' (and also recommends using npx). Installing a published npm package is a standard approach but does pull remote code from the npm registry; this is expected for a CLI-based integration but carries the usual npm-package risks (use official package, review package provenance).
- Credentials (ok): The skill declares no required environment variables or credentials. Authentication is handled interactively through Membrane (browser or headless code flow), which is coherent with the claim that Membrane manages credentials server-side.
- Persistence & Privilege (ok): always is false and the skill does not request persistent system-wide privileges or modify other skills' configs. It relies on the Membrane CLI and interactive login; autonomous invocation remains the platform default but is not combined with other concerning privileges here.
