Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Finmo

v1.0.2

Finmo integration. Manage Organizations. Use when the user wants to interact with Finmo data.

by Membrane Dev (@membranedev)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (Finmo integration) matches the instructions (use Membrane CLI to call Finmo). However the registry metadata declares no required binaries or env vars while the SKILL.md explicitly instructs installing and using the @membranehq/cli — the skill should have declared the Membrane CLI (and therefore Node/npm) as runtime requirements.
Instruction Scope
SKILL.md confines actions to using the Membrane CLI to authenticate, list/connect actions, run proxy requests to Finmo, and run named Finmo actions. It does not instruct reading unrelated files or harvesting unrelated environment variables. It does require interactive browser-based login (or headless flow).
Install Mechanism
There is no install specification in the registry, but the instructions tell the user to run 'npm install -g @membranehq/cli' (an npm package). Installing a global npm CLI is a moderate-risk action and should be declared in the skill manifest. The absence of an install spec means the agent/platform won’t automatically validate or sandbox that dependency.
Credentials
The skill requests no environment variables in metadata, which is consistent with delegating auth to Membrane. Be aware the Membrane CLI will create and store credentials locally (browser login flow) and will proxy requests to Finmo — so the effective access is the authenticated Finmo scopes granted during connect. The manifest should have documented this data persistence and any expected scopes.
Persistence & Privilege
The 'always' setting is false and the skill does not request persistent platform privileges. The only persistence comes from the Membrane CLI storing its own auth/session state after login, which is expected but should be made explicit to users.
What to consider before installing
This skill looks like a straightforward Finmo integration that uses the Membrane CLI, but take these precautions before installing/using it:
(1) Expect to install a global npm package and to have Node/npm available — the skill manifest should have declared this.
(2) Verify the @membranehq/cli package and its publisher (npm page, repository, checksums) before running a global install.
(3) Understand that you will authenticate via a browser flow and the CLI will store tokens locally — only grant scopes you trust.
(4) The 'membrane request' proxy can call arbitrary Finmo endpoints under the granted connection, so review returned actions (membrane action list) and avoid running unreviewed actions that could expose or modify data.
(5) If you have security concerns, run the CLI in a constrained environment (container / isolated VM) and review Membrane’s privacy/security docs and requested scopes before connecting.

Like a lobster shell, security has layers — review code before you run it.
