Skill v1.0.3

ClawScan security

Fullcontact · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 9:03 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it is an instruction-only integration that delegates auth and API calls to the Membrane CLI/service to interact with FullContact, and it does not request unrelated credentials or system access.
Guidance
This skill is instruction-only and reasonable for integrating FullContact via the Membrane platform. Before installing or running commands, verify you trust the Membrane project (@membranehq/cli and getmembrane.com) because the recommended CLI is a third-party npm package that will be installed and executed locally. Also confirm your organization’s policy for installing global npm packages and for granting OAuth access in a browser. If you prefer not to install software, consider using your own FullContact integration or verify the Membrane CLI source code/release before proceeding.

Review Dimensions

Purpose & Capability
ok: The name/description (FullContact integration) match the instructions (use Membrane CLI to connect to FullContact, list/run actions, enrich contacts). The required capabilities (network access, Membrane account) are appropriate for the stated purpose.
Instruction Scope
ok: SKILL.md only instructs installing and using the Membrane CLI, logging in via browser/URL, creating connections, searching and running actions. It does not direct reading unrelated files, requesting unrelated environment variables, or exfiltrating data to unexpected endpoints. It explicitly advises against asking users for FullContact API keys.
Install Mechanism
note: No install spec is declared in the registry (instruction-only). The instructions recommend installing @membranehq/cli via npm -g. That is a reasonable, common mechanism, but it means the user will run third-party code from npm; users should be comfortable trusting the Membrane CLI package and its publisher.
Credentials
ok: The skill declares no required env vars or credentials. Authentication is delegated to Membrane's login flow (browser-based OAuth/prompt). There are no requests for unrelated secrets or system credentials.
Persistence & Privilege
ok: always is false and the skill is user-invocable; it does not request permanent presence or cross-skill/system configuration changes. Autonomous invocation is allowed (normal platform default) but not combined with additional privileges.