Typless

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This looks like a coherent Typless/Membrane integration, but it gives the agent broad authenticated access that can change or delete business data without clear approval or scoping guardrails.

Install only if you trust Membrane and intend the agent to operate on Typless data. Use a least-privileged account, confirm any record/table/workflow changes or deletions before execution, and be cautious with raw API proxy commands.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent chooses the wrong endpoint, action, or parameters, it could modify or delete Typless records, tables, workflows, or other business data.

Why it was flagged

The skill exposes a raw authenticated API escape hatch, including write and delete methods, but does not document clear approval, scoping, dry-run, or rollback safeguards for high-impact operations.

Skill content

When the available actions don't cover your use case, you can send requests directly to the Typless API through Membrane's proxy... `-X, --method` | HTTP method (GET, POST, PUT, PATCH, DELETE).

Recommendation

Use this only with a least-privileged Typless/Membrane account, require explicit user confirmation before POST/PUT/PATCH/DELETE or workflow changes, and prefer narrowly scoped built-in actions over raw proxy requests.

What this means

The agent may be able to act with the permissions of the connected Membrane/Typless account.

Why it was flagged

The skill requires delegated Membrane/Typless account access and automatic credential refresh. This is purpose-aligned, but users should understand the privilege being granted.

Skill content

This skill uses the Membrane CLI to interact with Typless. Membrane handles authentication and credentials refresh automatically... `membrane login --tenant --clientName=<agentType>`

Recommendation

Connect an account with only the permissions needed for the task, and revoke or rotate access if the skill is no longer needed.

What this means

A future CLI release or compromised package source could change the behavior of commands the agent relies on.

Why it was flagged

The skill asks the user to install the Membrane CLI globally from npm using the moving `@latest` tag. This is expected setup for the integration, but it is not pinned to a reviewed version.

Skill content

`npm install -g @membranehq/cli@latest`

Recommendation

Install from the official package source, consider pinning a known-good CLI version, and keep the CLI updated through normal trusted channels.

What this means

Provider-supplied setup instructions could influence what the agent does next if not bounded by the user's intent.

Why it was flagged

The skill allows provider-returned instructions to guide the agent during connection setup. This is integration-related, but such instructions should be treated as task-specific guidance rather than overriding the user's request.

Skill content

`clientAction.agentInstructions` (optional) — instructions for the AI agent on how to proceed programmatically.

Recommendation

Treat returned agent instructions as advisory, verify they match the user's request, and ask the user before taking sensitive actions.

What this means

Business data sent to or received from Typless may be routed through Membrane infrastructure.

Why it was flagged

Typless requests and responses may pass through Membrane as an intermediary. This is disclosed and purpose-aligned, but users should be aware of the data boundary.

Skill content

you can send requests directly to the Typless API through Membrane's proxy. Membrane automatically appends the base URL to the path you provide and injects the correct authentication headers

Recommendation

Review Membrane's privacy/security posture and avoid sending data through this integration that the connected account or organization policy should not expose.