Amilia
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a disclosed Amilia/Membrane integration, but it gives broad authenticated API access to a registration and payments platform without visible guardrails for high-impact changes.
Install only if you trust Membrane and need Amilia automation. Use least-privileged Amilia credentials, verify the CLI package source, and require manual confirmation before any write, payment, purchase, refund, deletion, or raw proxy request.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could potentially perform account, registration, or payment-related API operations if given access, and mistakes may affect real Amilia records.
The skill text quoted below exposes a broad, direct API escape hatch to a payments/registration system. In the provided text, that power is not paired with clear approval, scope, or rollback guidance for high-impact actions.
"Amilia ... handle online registration, scheduling, and payments ... When the available actions don't cover your use case, you can send requests directly to the Amilia API through Membrane's proxy."
Require explicit user confirmation before any create, update, delete, purchase, payment, refund, or proxy request; prefer listed read-only actions when possible and use least-privileged Amilia access.
Connecting the skill may let the agent act through the user's Membrane/Amilia connection until that access is revoked or expires.
The skill clearly relies on Membrane-authenticated access and automatic credential refresh. This is expected for the integration, but it is sensitive delegated account access.
"Membrane handles authentication and credentials refresh automatically ... membrane login --tenant --clientName=<agentType>"
Use a least-privileged Amilia account, review the permissions granted during connection, and revoke the Membrane connection when it is no longer needed.
The installed CLI package can change over time and will run with the user's local privileges.
The skill asks the user to install the latest global CLI package. This is central to the stated purpose, but installing an unpinned latest package globally carries the usual supply-chain and reproducibility risk.
"npm install -g @membranehq/cli@latest"
Install only from the expected Membrane package source, consider pinning a reviewed version, and avoid running the CLI with elevated privileges.
Amilia request data and responses may pass through Membrane infrastructure as part of normal operation.
The integration routes Amilia interactions through Membrane as an intermediary. This is disclosed and purpose-aligned, but users should understand where account data and API requests flow.
"This skill uses the Membrane CLI to interact with Amilia ... send requests directly to the Amilia API through Membrane's proxy."
Do not use the skill for data you are not comfortable sending through Membrane and Amilia, and check the provider's data-handling terms.
