Skill v1.0.3

ClawScan security

Zoho Bugtracker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 1:07 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requests and instructions are consistent with its stated purpose (it uses the Membrane CLI to connect to Zoho Bugtracker) and it does not ask for unrelated credentials or system access.
Guidance
This skill is coherent with its stated purpose, but you should (1) trust the Membrane service before granting it access to your Zoho data—check privacy and access policies; (2) inspect or verify the npm package (@membranehq/cli) before running a global install (or install in a controlled environment/container); and (3) avoid pasting production API keys into dialogs outside Membrane's documented connection flow. If you need stronger assurance, ask the publisher for the CLI source/release tarball or install it in an isolated environment first.

Review Dimensions

Purpose & Capability
ok: The skill name and description match the runtime instructions: it delegates Zoho Bugtracker access to the Membrane platform and shows how to discover and run actions. Requiring a Membrane account and network access is coherent with this design.
Instruction Scope
ok: SKILL.md confines runtime behavior to installing and using the Membrane CLI, logging in via the browser, creating a connection, discovering actions, and running them. It does not instruct reading unrelated files, accessing arbitrary environment variables, or exfiltrating data.
Install Mechanism
note: There is no formal install spec in the metadata, but SKILL.md instructs the user to run `npm install -g @membranehq/cli@latest`. Installing a public npm CLI is a reasonable mechanism for this skill, but npm packages can run install-time scripts; users should verify the package and trust the publisher before installing globally.
Credentials
ok: The skill does not request environment variables, secrets, or config paths. Authentication is handled via Membrane's login flow (browser/authorization code), which is proportionate for a connector broker.
Persistence & Privilege
ok: The skill does not request always:true, does not modify other skills or system-wide settings, and is user-invocable. It uses normal agent invocation behavior and does not demand elevated persistence or privileges.