Skill v1.0.3
ClawScan security
Ukg Ready · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 2:08 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it uses the Membrane CLI to access UKG Ready, asks the user to authenticate via the Membrane flow, and does not request unrelated credentials or filesystem access.
- Guidance: This skill relies on the official Membrane CLI to access UKG Ready. Before installing: verify that you trust the npm package @membranehq/cli and the Membrane project (homepage/repo); prefer installing in a controlled environment (not on a machine with unrelated sensitive keys); be aware that `membrane login` will open a browser or provide a one-time code and will store auth state locally for future CLI use; never paste your org credentials into chat, use the provided login flow instead. If you manage sensitive HR or payroll data, confirm least-privilege access for the Membrane connection and audit which actions are created or run.
Review Dimensions
- Purpose & Capability: ok. Name/description match the instructions: the SKILL.md directs use of the Membrane CLI and a ukg-ready connector to manage UKG Ready entities (employees, timecards, reports, etc.). Required capabilities (network + Membrane account) are appropriate for this integration.
- Instruction Scope: ok. Instructions are scoped to installing and using the Membrane CLI: login, create/connect a ukg-ready connection, discover or create actions, and run them. The instructions do not ask the agent to read arbitrary system files, other credentials, or to transmit data to unexpected endpoints.
- Install Mechanism: note. Install is an npm global install: `npm install -g @membranehq/cli@latest`. This is expected for a CLI-based integration but carries normal npm supply-chain risk (installing a global package from the registry). No downloads from untrusted URLs or archive extraction are present.
- Credentials: ok. The skill declares no required environment variables or config paths. Authentication is delegated to Membrane's login flow, which is proportionate to the stated functionality. There are no unrelated credential requests.
- Persistence & Privilege: note. Skill is instruction-only, not always-enabled, and does not modify other skills. A practical consequence: the Membrane CLI will store authentication state locally after `membrane login` (normal for a CLI). If the agent is allowed to invoke skills autonomously and the user has authenticated, the agent could run membrane commands that access org HR/payroll data; this is expected but worth noting.
