Skill v1.0.3

ClawScan security

Wicked Reports · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 22, 2026, 1:43 PM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's instructions, required operations, and requested privileges are coherent with a Wicked Reports integration that uses the Membrane CLI; nothing in the SKILL.md asks for unrelated secrets or system-wide access, but you should verify the Membrane CLI/package before installing.
Guidance
This skill is internally consistent: it uses the Membrane CLI to manage Wicked Reports connections and actions and does not request unrelated credentials. Before installing or running it, verify the @membranehq/cli package and publisher on npm (or install in a contained environment), confirm you trust getmembrane.com and the GitHub repository, and be prepared to authenticate interactively to your Membrane account (the CLI may open a browser or produce a code). Avoid running global npm installs as root; if you need stronger assurance, inspect the CLI source or run it in an isolated container/VM. Finally, remember the agent can execute the described membrane commands if you invoke it; ensure you are comfortable with the agent performing operations in your Membrane account and Wicked Reports connections.

Review Dimensions

Purpose & Capability
ok: The name/description describe a Wicked Reports integration and the SKILL.md exclusively instructs the agent to use the Membrane CLI to connect, discover, create, and run actions against Wicked Reports. Required items (network, Membrane account, Membrane CLI) align with the stated purpose.
Instruction Scope
ok: Runtime instructions are narrowly scoped to installing the Membrane CLI, logging into a Membrane account, creating/using a Wicked Reports connection, and listing/creating/running actions. The instructions do not ask the agent to read arbitrary local files, access unrelated environment variables, or send data to endpoints outside Membrane/Wicked Reports.
Install Mechanism
note: There is no packaged install spec, but the SKILL.md instructs installing @membranehq/cli via npm (global). Installing a global npm package is expected for a CLI-based integration, but it has the usual operational risks: you should verify the package name, publisher, and version before running `npm install -g` to avoid installing unexpected code.
Credentials
ok: The skill declares no required environment variables and explicitly tells integrators not to collect API keys (Membrane handles auth server-side). The only credential activity is logging into the user's Membrane account, which is proportional to the task.
Persistence & Privilege
ok: The skill is not always-on and is user-invocable. It does not request to modify other skills or system-wide settings. Autonomous invocation (disable-model-invocation=false) is the platform default and is not a standalone concern here.