Back to skill
Skillv1.0.3
ClawScan security
Google Docs · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 21, 2026, 1:03 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions, install steps, and required access are consistent with a Google Docs integration that delegates auth and API calls to the Membrane service; nothing requested is disproportionate to that purpose.
- Guidance
- This skill delegates Google Docs access to the Membrane platform and asks you to install their CLI (npm global package) and perform an interactive login. That is coherent with the stated purpose, but before installing or connecting: 1) verify the @membranehq/cli package and its publisher on npm/GitHub; 2) review the OAuth scopes and permissions shown during the login flow so you know what access is granted to Membrane; 3) avoid pasting any Google credentials or secrets into chat—follow the described interactive login; and 4) if your documents are highly sensitive, consider whether trusting a third-party service (Membrane) with access meets your security requirements.
Review Dimensions
- Purpose & Capability
- okThe name and description say 'Google Docs integration' and the SKILL.md describes using the Membrane CLI to connect to Google Docs and run actions. Requiring the Membrane service and its CLI is consistent with the stated purpose.
- Instruction Scope
- noteInstructions focus on installing the Membrane CLI, performing interactive login, creating a connection, discovering and running actions. They do not instruct reading unrelated files or exfiltrating data, but they do rely on the user/agent invoking shell commands and performing OAuth flows, and they assume Membrane will hold credentials server-side.
- Install Mechanism
- noteThere is no registry install spec; the SKILL.md tells the user to run `npm install -g @membranehq/cli@latest`. Installing a global npm package is normal for a CLI but does execute code from the public npm registry; users should verify the package and its source before installing.
- Credentials
- okThe skill declares no required env vars or local credentials. Authentication is delegated to Membrane via interactive login, which is proportionate to the integration. Be aware that granting a Membrane connection gives that third-party service access to the user's Google Docs data.
- Persistence & Privilege
- okThe skill is instruction-only, does not request 'always' presence, and does not modify other skills or system-wide settings. It does require the user to install a CLI locally if they choose to follow the instructions.