Skill v1.0.3
ClawScan security
Clearbit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 10:02 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions are consistent with a Clearbit integration that uses the Membrane CLI: it asks the user to install and use Membrane to authenticate and run Clearbit actions and does not request unrelated credentials or access.
- Guidance: This skill is internally coherent: it delegates Clearbit auth and API handling to the Membrane CLI/service rather than asking for API keys locally. Before installing: verify you trust the @membranehq/cli npm package (review its npm page and source repo), consider pinning a specific released version instead of using @latest, and confirm you are comfortable granting Membrane (getmembrane.com / the Membrane service) the ability to hold and use your Clearbit credentials. Be cautious when running global npm installs and when completing browser-based auth flows on shared machines.
Review Dimensions
- Purpose & Capability: ok. Name/description (Clearbit integration) match the instructions: all runtime steps use the Membrane CLI to connect to Clearbit, discover actions, and run enrichment. There are no unrelated env vars, binaries, or config paths required.
- Instruction Scope: ok. SKILL.md confines itself to installing and invoking the Membrane CLI, logging in, creating a connection to the Clearbit connector, searching/creating actions, and running those actions. It does not instruct the agent to read unrelated files or exfiltrate data to unexpected endpoints. It does require network access and an interactive/host-assisted auth flow, which is consistent with the described purpose.
- Install Mechanism: note. The skill recommends installing @membranehq/cli globally via npm (npm install -g @membranehq/cli@latest). That is a reasonable install for a CLI-driven integration, but global npm installs execute third-party code on the host. Users should verify the package source, prefer a pinned version rather than @latest if they want reproducibility, and review the package before installing.
- Credentials: ok. No environment variables, secrets, or local config paths are requested by the skill. The README explicitly advises letting Membrane manage credentials server-side, which aligns with the integration model and is proportionate.
- Persistence & Privilege: ok. The skill is not always-enabled; it is user-invocable and allows autonomous invocation (the platform default). It does not request persistent system-wide configuration or other skills' credentials. This is a normal privilege model for a skill of this type.
