Skill v1.0.3
ClawScan security
Webflow · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 3:07 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions are coherent with a Webflow integration implemented via the Membrane CLI; nothing requested or instructed is disproportionate to that purpose.
- Guidance: This skill appears to do what it says: it relies on Membrane to talk to Webflow. Before installing or following the SKILL.md steps: 1) Verify you trust the Membrane project (review https://www.npmjs.com/package/@membranehq/cli and the GitHub repo) because the instructions ask you to run a global npm install; 2) Be aware the CLI will open a browser/auth flow and Membrane will hold the connection/auth tokens server-side — confirm their privacy/security posture if this concerns you; 3) Prefer installing the CLI in a controlled environment (container or dev machine) if you want to limit risk from a global npm package; 4) The skill itself does not request unrelated credentials or system access. If you need a higher-assurance review, ask for the Membrane CLI package checksum or inspect its source before installing.
Review Dimensions
- Purpose & Capability (ok): Name/description match the instructions: the skill delegates Webflow operations to the Membrane service/CLI. No unrelated credentials, binaries, or system paths are requested.
- Instruction Scope (ok): SKILL.md instructs the agent/user to install and use the Membrane CLI, perform interactive login, create a connection, discover and run actions. It does not instruct reading local secrets/files or sending data to unexpected endpoints beyond Membrane/Webflow.
- Install Mechanism (note): This is an instruction-only skill (no automatic install). It tells users to run `npm install -g @membranehq/cli@latest`, a normal but nontrivial operation (global npm install fetches code from the npm registry). This is expected for a CLI-backed integration but is the primary external-install risk to be aware of.
- Credentials (ok): The skill declares no required env vars, no local credentials, and explicitly instructs not to request Webflow API keys. The use of a Membrane account and network access is consistent with the described workflow.
- Persistence & Privilege (ok): `always` is false and the skill does not request elevated or permanent agent privileges. Autonomous invocation is allowed by default (platform behavior) but is not combined with other concerning factors.
