Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

1Password

v1.0.0

1Password integration. Manage data, records, and automate workflows. Use when the user wants to interact with 1Password data.

by Membrane Dev (@membranedev)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
The name/description match the instructions: the skill instructs the agent to use the Membrane CLI to connect to and operate on 1Password data. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Instructions are scoped to discovering actions, connecting, running actions, and proxying API requests via Membrane. They direct the user to run membrane login and browser-based auth flows and to use membrane request to call 1Password endpoints. This is expected for a proxy-based integration, but it means Membrane will mediate and potentially see requested data.
Install Mechanism
The SKILL.md recommends installing @membranehq/cli via npm (npm install -g). This is a common approach but carries the usual supply-chain risk of global npm packages. There is no inline download from unknown URLs or archive extraction.
Credentials
The skill declares no required environment variables or secrets. Authentication is handled via Membrane's login flow rather than local API keys, which is proportionate to the stated purpose. Users must trust Membrane with credentials or tokens it stores/refreshes.
Persistence & Privilege
The skill is not set to always:true and makes no requests to modify other skills or system settings. Model invocation is allowed (the platform default), which is normal for an agent-invokable integration.
Assessment
This skill is internally consistent for a 1Password integration that uses Membrane as a proxy. Before installing or using it:
(1) verify the authenticity of the @membranehq/cli npm package and the getmembrane.com / GitHub sources (review package on npmjs.com and the repo) to reduce supply-chain risk;
(2) understand that Membrane will mediate and may have access to the 1Password data it proxies—only connect accounts you are comfortable delegating to that service;
(3) prefer ephemeral or least-privilege connections where possible and review what actions the connector can perform;
(4) avoid running global npm installs from unknown publishers in production shells without review.
If you want stronger assurance, request the skill author/publisher identity and confirm the official repository and package checksums.
