Clockwork
ReviewAudited by ClawScan on May 10, 2026.
Overview
Clockwork appears to be a legitimate integration, but it gives the agent broad authenticated Clockwork API access through Membrane, including direct requests that could change or delete data without clear guardrails.
Before installing, be comfortable granting Membrane-mediated access to your Clockwork account. Ask the agent to confirm exact actions before it creates, updates, deletes, or automates records, and consider pinning the Membrane CLI version if you use this in a sensitive environment.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A wrong or overly broad agent request could change or remove Clockwork tasks, time entries, calendar data, or workflow settings.
The skill provides a generic authenticated API escape hatch, including mutating and deleting HTTP methods, without visible approval or scoping rules.
send requests directly to the Clockwork API through Membrane's proxy ... `-X, --method` | HTTP method (GET, POST, PUT, PATCH, DELETE)
Require the agent to show the exact action, endpoint, method, and record IDs before any POST, PUT, PATCH, DELETE, or workflow automation request.
Installing and using the skill can let Membrane-mediated commands act with the connected Clockwork account's permissions.
The integration uses delegated account access and refreshes credentials through Membrane, which is expected but sensitive.
Membrane handles authentication and credentials refresh automatically
Connect only the intended Clockwork account, review granted permissions, and revoke the Membrane connection when it is no longer needed.
Future CLI package changes could affect what commands do or what data is handled.
The setup relies on installing the latest global npm CLI package, which is central to the skill but not pinned to a reviewed version.
npm install -g @membranehq/cli@latest
Install from the official package source and consider pinning a known-good Membrane CLI version in controlled environments.
Clockwork request data and account access are mediated by a third-party service boundary, which users should understand before connecting.
Clockwork API requests and related data pass through a Membrane proxy/gateway that also applies authentication.
send requests directly to the Clockwork API through Membrane's proxy ... injects the correct authentication headers
Use this only if you trust Membrane as the integration gateway and avoid sending unnecessary sensitive Clockwork data.