Skill v1.0.3
ClawScan security
Flodesk · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 9:04 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and runtime instructions are consistent with a Flodesk integration that delegates auth and API work to the Membrane CLI/service.
- Guidance: This skill appears to legitimately wrap Flodesk functionality through the Membrane platform. Before installing or following the SKILL.md steps, verify the Membrane CLI (@membranehq/cli) on the npm registry and the Membrane documentation/repository; review what OAuth scopes the Flodesk connector requests when you connect. Installing a global npm package has the usual risks—avoid running it as root on shared systems and prefer installing in a controlled environment. Because Membrane will act on your Flodesk account, consider testing with a non-production Flodesk account or reviewing the actions it will run (especially destructive actions like removing subscribers or modifying workflows). Finally, only allow autonomous agent invocation if you trust the skill and the account used for the connection.
Review Dimensions
- Purpose & Capability (ok): Name/description match the instructions: all operations are performed via the Membrane CLI and the skill requires a Membrane account and network access. No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope (ok): SKILL.md only instructs installing and using the Membrane CLI, authenticating via Membrane, creating connections, listing/creating/running actions, and using JSON output. It does not direct the agent to read unrelated files, harvest environment variables, or transmit data to endpoints outside Membrane/Flodesk.
- Install Mechanism (note): The skill is instruction-only (no automatic install spec). It advises the user to run `npm install -g @membranehq/cli@latest`. Installing an npm CLI globally is a user-side action and is traceable on the npm registry (moderate risk if done blindly), but this is consistent with the described workflow and not unusual for a CLI-based integration.
- Credentials (ok): The skill declares no required environment variables or credentials; authentication is handled by Membrane through an interactive login flow. This is proportional to the stated purpose.
- Persistence & Privilege (ok): The skill does not request permanent inclusion (always: false) or modify other skills or system-wide settings. It permits normal autonomous invocation (disable-model-invocation: false), which is the platform default and expected for skills.
