Skill v1.0.3

ClawScan security

Weclapp · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 12:06 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it is an instruction-only Weclapp integration that uses the Membrane CLI for auth and API access, and it does not request unrelated credentials or system access.
Guidance
This skill appears coherent, but take these precautions before installing:
1) Verify the Membrane project and the @membranehq/cli npm package (check homepage/repo, npm publisher) before running a global install.
2) Prefer installing a specific released version instead of @latest to avoid unexpected changes.
3) Global npm installs modify your PATH and may require elevated permissions; use a controlled environment or non-root account if possible.
4) The login flow delegates auth to Membrane (browser/code exchange); confirm you trust the Membrane tenant you authenticate with and review what scopes/permissions are granted.
5) Review what Weclapp data the agent will access and limit account permissions on Weclapp/Membrane if possible.
6) If you are concerned about autonomous agent actions, restrict or review agent permissions and monitor logs.
If you want, I can list the exact membrane CLI commands the skill will run (so you can review them) or help verify the npm package/repo.

Review Dimensions

Purpose & Capability
ok: The name/description (Weclapp integration) match the instructions (use the Membrane CLI to interact with Weclapp). The declared need for network access and a Membrane account is consistent with the stated purpose.
Instruction Scope
ok: SKILL.md confines runtime actions to installing/using the Membrane CLI and guiding user login/authentication. There are no instructions to read or exfiltrate unrelated files or environment variables. The skill explicitly relies on Membrane to handle credentials.
Install Mechanism
note: There is no registry install spec (skill is instruction-only), but the README tells users to run 'npm install -g @membranehq/cli@latest'. Installing a public npm CLI globally is expected for this workflow but carries normal risks (global install affects PATH, requires write permissions, @latest can change behavior). Recommend pinning versions and verifying the package source before installing.
Credentials
ok: The skill does not declare or request unrelated environment variables or credentials. Authentication is delegated to Membrane's interactive login flow, which is proportionate to an API integration with third-party services.
Persistence & Privilege
ok: 'always' is false and the skill is user-invocable; it does not request persistent system-wide configuration or modify other skills. Autonomous invocation is allowed by default and is not combined with other concerning privileges.