Skill v1.0.3

ClawScan security

Truelayer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 22, 2026, 1:28 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and instructions are coherent with its stated purpose: it is an instruction-only integration that tells the agent to use the Membrane CLI to connect to TrueLayer and run actions via Membrane, and it does not request unrelated credentials or access.
Guidance
This skill appears coherent and uses the Membrane CLI to handle TrueLayer auth and actions. Before installing/running commands: (1) confirm you trust the @membranehq/cli package (check the npm page and GitHub repo and use a known version), (2) prefer using npx or a local install or a sandboxed environment if you don't want a global install, (3) be aware the CLI login will open a browser or show an auth URL and produce codes — only paste those codes into the official CLI flow, and (4) ensure you want to grant Membrane access to your TrueLayer connection (consent and access control are managed by Membrane). If you need higher assurance, review Membrane's security/privacy docs and the CLI source code before proceeding.

Review Dimensions

Purpose & Capability
ok: The name/description (TrueLayer integration) matches the instructions: all runtime steps use the Membrane CLI to connect to the TrueLayer connector, discover and run actions. There are no unrelated environment variables, binaries, or config paths requested.
Instruction Scope
ok: SKILL.md confines runtime behavior to installing/using the Membrane CLI, logging in (via browser/authorization URL), creating a connector connection, and listing/creating/running Membrane actions. It does not instruct reading arbitrary files or exfiltrating unrelated secrets and explicitly advises not to ask users for API keys.
Install Mechanism
note: This is an instruction-only skill with no install spec. It instructs the user to install or run the Membrane CLI (npm install -g @membranehq/cli or npx). Executing npm/npx will run third-party code from the npm registry — expected for this purpose but worth verifying the package source before installing globally.
Credentials
ok: The skill declares no required env vars, no primary credential, and no config paths. Authentication is delegated to Membrane's login flow, which is proportional to a connector-based integration.
Persistence & Privilege
ok: always is false and disable-model-invocation is false (normal). The skill does not request persistent system-wide privileges or to modify other skills' configurations.