Skillv1.0.2

ClawScan security

Waboxapp · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 2, 2026, 8:55 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is an instruction-only adapter that tells the agent to use the Membrane CLI to access Waboxapp; its instructions, required actions, and credentials request are consistent with its stated purpose.
Guidance: This skill is instruction-only and uses the Membrane CLI as a proxy to Waboxapp, which is coherent with the described purpose. Before installing or running it: 1) Confirm you trust the @membranehq/cli npm package and the getmembrane.com service (review their homepage/repository and npm publisher). 2) Remember installing the CLI globally executes code from the npm registry—only install from trusted sources. 3) The Membrane service will handle authentication and proxy requests, so be aware that request payloads and metadata will transit through Membrane’s servers; check their privacy/security docs if that matters. 4) Do not paste unrelated secrets into CLI input or free-form fields; follow the recommended connector/login flow that opens your browser. If you want extra assurance, review the Membrane CLI source and the connector definition used for Waboxapp before granting access.

Purpose & Capability: okThe name/description (Waboxapp integration) align with the instructions: everything centers on using Membrane to create a connector, list actions, run actions, or proxy requests to Waboxapp. No unrelated services, binaries, or credentials are requested.
Instruction Scope: okSKILL.md instructs installing and using the Membrane CLI, logging in via browser, listing/connecting to connectors, running actions, and proxying requests. It does not ask the agent to read arbitrary files, access unrelated environment variables, or exfiltrate data. It explicitly recommends not asking users for API keys.
Install Mechanism: noteThe skill recommends installing the Membrane CLI via npm (npm install -g @membranehq/cli). That's a common, expected mechanism for a CLI-driven skill, but installing a global npm package writes code to disk and runs code from a package registry: users should verify they trust the package and source before installing.
Credentials: okNo environment variables, config paths, or credentials are requested by the skill. The SKILL.md explicitly delegates auth to Membrane and warns against asking users for API keys, which is proportionate for this integration.
Persistence & Privilege: okSkill flags are default (not always-on). It does not request persistent system-wide changes or access to other skills' configurations. Autonomous invocation is allowed (platform default) but not combined with other risky privileges.