Skill v1.0.0
ClawScan security
Tiendanube · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 22, 2026, 11:17 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's instructions generally match its stated purpose (use the Membrane CLI to manage Tiendanube records), but the package metadata omits key requirements (Node/npm and a Membrane account) and the install instructions ask users to install a global npm package — inconsistencies that merit caution.
- Guidance
- This skill appears to be a wrapper around the Membrane CLI to manage Tiendanube (Nuvemshop) data and does not itself contain code, but there are a few things to check before installing:
  - Metadata mismatch: The skill metadata lists no required binaries or credentials, yet the instructions require Node/npm (or npx) and a valid Membrane account. Expect to need Node/npm and to authenticate to Membrane.
  - CLI install: The SKILL.md recommends npm install -g @membranehq/cli. Prefer running it with npx (npx @membranehq/cli ...) if you want to avoid a global install, or inspect the package on the npm registry/GitHub first.
  - Third-party service: Using this skill routes your Tiendanube access through Membrane’s service. Verify you trust Membrane (privacy, data handling, and account permissions) before connecting production data.
  - Source unknown: Registry lists Source: unknown and homepage getmembrane.com; verify the package/repository links (e.g., GitHub repo) and confirm the publisher before granting access.
  If you want this skill, ask the publisher to update metadata to declare required binaries (node/npm), that a Membrane account is required, and to supply authoritative repository links. If you cannot verify Membrane or the npm package publisher, do not install the CLI or connect production accounts.
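The "inspect the package on the npm registry first" step can be made mechanical. The script below is an added example, not part of this scan or of the Membrane project: it pulls a package's published manifest with the real `npm view <pkg> --json` command and checks the points the guidance raises (a repository link on an expected host, a homepage on the expected domain, listed maintainers, no install-time lifecycle scripts, no deprecation, and a `dist.integrity` hash to pin). The package name `@example/cli`, both sample manifests, and the helper names `audit_npm_metadata` and `expected_homepage_host` are constructed for illustration and say nothing about the real `@membranehq/cli` package.

```python
"""Pre-install audit of an npm package's registry metadata (added example)."""
import json
import subprocess
from urllib.parse import urlparse

# npm lifecycle scripts that execute during `npm install` (real hook names).
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")


def fetch_npm_metadata(pkg: str) -> dict:
    """Fetch the published manifest with `npm view <pkg> --json` (needs npm and network)."""
    proc = subprocess.run(["npm", "view", pkg, "--json"],
                          check=True, capture_output=True, text=True)
    return json.loads(proc.stdout)


def _repo_url(repository) -> str:
    """package.json `repository` is either a string or {"type": ..., "url": ...}."""
    url = repository.get("url", "") if isinstance(repository, dict) else (repository or "")
    return url[4:] if url.startswith("git+") else url


def audit_npm_metadata(meta: dict,
                       expected_repo_hosts=("github.com",),
                       expected_homepage_host=None) -> list:
    """Return a list of findings; an empty list means nothing obviously wrong."""
    findings = []

    repo = _repo_url(meta.get("repository"))
    if not repo:
        findings.append("no repository declared; publisher cannot be tied to source")
    else:
        host = urlparse(repo).hostname or ""
        if host not in expected_repo_hosts:
            findings.append(f"repository host {host!r} is not one of {expected_repo_hosts}")

    homepage = meta.get("homepage") or ""
    if expected_homepage_host:
        if (urlparse(homepage).hostname or "") != expected_homepage_host:
            findings.append(f"homepage {homepage!r} does not match {expected_homepage_host!r}")

    if not meta.get("maintainers"):
        findings.append("no maintainers listed")

    hooks = [h for h in INSTALL_HOOKS if h in (meta.get("scripts") or {})]
    if hooks:
        findings.append(f"install-time scripts run arbitrary code: {hooks}")

    if meta.get("deprecated"):
        findings.append(f"package is deprecated: {meta['deprecated']}")

    if not (meta.get("dist") or {}).get("integrity"):
        findings.append("no dist.integrity; tarball hash cannot be pinned in a lockfile")

    return findings


# Constructed sample manifests for a hypothetical package (not real registry data).
SAMPLE_CLEAN = {
    "name": "@example/cli",
    "version": "1.2.3",
    "repository": {"type": "git", "url": "git+https://github.com/example/cli.git"},
    "homepage": "https://example.com",
    "maintainers": [{"name": "example-bot", "email": "ops@example.com"}],
    "scripts": {"build": "tsc", "test": "node --test"},
    "dist": {"integrity": "sha512-AAAA..."},
}

SAMPLE_RISKY = {
    "name": "@example/cli",
    "version": "1.2.4",
    "homepage": "https://example.com",
    "maintainers": [],
    "scripts": {"postinstall": "node setup.js"},
    "dist": {},
}


if __name__ == "__main__":
    import sys
    # With a package name on the command line, audit the live manifest;
    # otherwise run against the constructed risky sample.
    target = sys.argv[1] if len(sys.argv) > 1 else None
    meta = fetch_npm_metadata(target) if target else SAMPLE_RISKY
    for finding in audit_npm_metadata(meta, expected_homepage_host="example.com"):
        print("!", finding)
```

Run it as `python audit.py @scope/name` to audit a real package; an empty result only means the manifest is internally consistent, not that the code is safe, so follow up with `npm pack @scope/name --dry-run` to see which files the tarball would ship before doing any global install.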
Review Dimensions
- Purpose & Capability
- note: The SKILL.md describes exactly the intended capability (manage Tiendanube records) and delegates work to the Membrane CLI, which is coherent with the skill name/description. However, the registry metadata lists no required binaries or credentials while the instructions require a Membrane account and npm/node for installing the CLI, a mismatch between declared requirements and runtime instructions.
- Instruction Scope
- ok: The runtime instructions are narrowly scoped to installing/using the Membrane CLI, creating connections, discovering and running actions, and performing auth via Membrane. They do not instruct reading arbitrary local files or exporting unrelated system credentials. Headless login requires a user to copy a code from a browser, which is expected for OAuth-style device-code flows.
- Install Mechanism
- note: There is no install spec in the registry (instruction-only), but SKILL.md tells the user to run npm install -g @membranehq/cli or use npx. Installing a global npm package is common but requires write access to the global npm prefix and a trusted package source. The instructions reference the official @membranehq/cli package (a scoped npm name), which is better than a random URL, but the registry metadata did not declare Node/npm as a required binary.
- Credentials
- concern: The skill metadata declares no required env vars or primary credential, yet SKILL.md states a valid Membrane account is required and instructs the user to run membrane login. That account/credential requirement should be declared. The SKILL.md explicitly says not to ask users for direct API keys (good), but the omission in metadata increases the risk of user confusion and accidental credential exposure.
- Persistence & Privilege
- ok: The skill is not always-on, does not request elevated platform privileges, and is instruction-only (no code files). It does ask the user to install a CLI, which adds software to the system, but the skill itself does not request persistent access to other skills' configs or system files.
