Chmeetings

Review

Audited by ClawScan on May 10, 2026.

Overview

This appears to be a real ChMeetings integration, but it deserves review because it can use persistent account access to change or delete sensitive church/member and financial records without documented safeguards.

Install only if you trust Membrane and need ChMeetings automation. Use a least-privilege account, confirm every delete/write/financial action before execution, and review or revoke the connected account when finished.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used too broadly or incorrectly, the agent could modify financial records or delete important people/family records in ChMeetings.

Why it was flagged

The skill exposes natural-language action discovery for a connected account and lists destructive/member-data and financial-record actions, but the provided artifact does not document approval or containment safeguards for those high-impact operations.

Skill content

membrane action list --connectionId=CONNECTION_ID --intent "QUERY" ... | Delete Family | delete-family | Delete a family by ID | ... | Create Contribution | create-contribution | Create a new contribution in ChMeetings | ... | Delete Person | delete-person | Delete a person by thei

Recommendation

Require explicit user confirmation, exact record IDs, and a clear preview before delete/write/financial actions; use the least-privileged ChMeetings account possible.

What this means

The integration may continue to have access to the connected Membrane/ChMeetings account after setup.

Why it was flagged

The skill clearly uses Membrane login and a ChMeetings connection with automatic credential refresh. This is expected for the integration, but it grants ongoing delegated access.

Skill content

Membrane handles authentication and credentials refresh automatically ... membrane login --tenant --clientName=<agentType> ... membrane connection ensure "https://www.chmeetings.com/" --json

Recommendation

Connect only trusted accounts, prefer a restricted service/user account, and know how to revoke the Membrane or ChMeetings connection.

What this means

The installed CLI version could change over time, and its behavior is not verified by the static scan of this instruction-only skill.

Why it was flagged

The skill asks the user to install an unpinned global npm package that was not part of the provided artifact scan. This is normal for a CLI-based integration but depends on external package provenance.

Skill content

npm install -g @membranehq/cli@latest

Recommendation

Install the CLI only from the official source, consider pinning a reviewed version, and keep it updated through trusted channels.

What this means

Member, contact, giving, or pledge information may be accessed through the external Membrane service as part of normal operation.

Why it was flagged

Sensitive church/member and financial data is expected to flow through the Membrane integration layer. The artifact discloses the gateway, but users should understand that data boundary.

Skill content

This skill uses the Membrane CLI to interact with ChMeetings. Membrane handles authentication and credentials refresh automatically ... Members ... Giving ... Pledges

Recommendation

Review Membrane and ChMeetings privacy/access settings, limit connected permissions where possible, and avoid sending unnecessary sensitive records.

What this means

A returned instruction could influence how the agent proceeds during setup if not treated as untrusted task data.

Why it was flagged

The skill allows external connection state to return agent-facing instructions. This is useful setup plumbing, but those instructions should stay subordinate to the user's request and higher-priority policies.

Skill content

clientAction.agentInstructions (optional) — instructions for the AI agent on how to proceed programmatically.

Recommendation

Treat returned agentInstructions as contextual guidance only; do not let them override the user’s explicit intent or safety checks.