ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Balena

v1.0.2

Balena integration. Manage data, records, and automate workflows. Use when the user wants to interact with Balena data.

0· 87·0 current·0 all-time
byMembrane Dev@membranedev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md clearly requires the Membrane CLI (commands like `membrane`, `membrane login`, `membrane action run`, and `membrane request`) and network access to a Membrane account, but the registry metadata lists no required binaries or credentials. That metadata omission is inconsistent and could mislead automated checks or users.
Instruction Scope
All runtime instructions remain within the stated purpose: discover actions, run actions, and proxy requests to the Balena API via Membrane. The instructions do not ask the agent to read unrelated local files, environment variables, or other system credentials. They do instruct interactive login flows and proxying arbitrary API paths through Membrane (so Membrane will see request contents).
Install Mechanism
There is no formal install spec in the registry, but SKILL.md instructs `npm install -g @membranehq/cli` and also shows `npx` usage. Installing/running code from npm is a network operation and executes third‑party code; this is common but carries moderate risk (typo‑squatting, supply‑chain issues). The absence of an install spec in metadata is an inconsistency to be aware of.
Credentials
The skill requests no environment variables or local credentials and explicitly tells integrators not to ask users for API keys. That is proportionate. Note: since Membrane proxies requests and manages auth server-side, using this skill delegates Balena credentials and request visibility to Membrane — evaluate whether you trust that service.
Persistence & Privilege
Default privileges are used (not always:true). The skill is instruction-only and does not request persistent system presence or modify other skills. Autonomous invocation is allowed by platform default and not, by itself, a new concern here.
What to consider before installing
Before installing or using this skill: (1) verify the Membrane CLI package (@membranehq/cli) on npm and its GitHub repository — confirm the publisher, check recent releases and source code if possible; (2) prefer running with `npx` or in an isolated environment instead of `npm install -g` to reduce persistence and supply‑chain risk; (3) be aware that Membrane will proxy and see Balena API requests and any data sent — review Membrane's security/privacy docs and trust posture; (4) note the registry metadata omission (it doesn't declare the required `membrane` binary) and treat that as a red flag for sloppy packaging; (5) avoid giving out raw Balena API keys to this skill — follow the skill's guidance to create a connection via Membrane rather than sharing secrets directly. If you need higher assurance, ask the publisher for a formal install spec or inspect the CLI source before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk97en9y64et858fgvbej3zysnx8426dm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments