Httpsms
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: httpsms Version: 1.0.4 The skill bundle provides a standard integration for the HttpSMS service using the Membrane CLI. The instructions in SKILL.md guide the agent through legitimate authentication, connection management, and API interaction processes (e.g., sending and listing SMS messages) via the @membranehq/cli tool. No evidence of data exfiltration, malicious command execution, or prompt injection was found; the logic is entirely consistent with the stated purpose of managing SMS workflows.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or over-broad action could send texts to recipients, send bulk messages, incur SMS costs, or delete messages/webhooks from the connected account.
The skill gives the agent paths to run high-impact SMS/account mutations and a broad authenticated raw API proxy, but the artifact does not specify confirmation, recipient review, cost checks, or deletion safeguards.
Popular actions include `Delete Webhook`, `Delete Message Thread`, `Delete Message`, `Send Bulk Messages`, `Send Message`; proxy requests support `GET, POST, PUT, PATCH, DELETE` and Membrane `injects the correct authentication headers`.
Require explicit user confirmation for sending, bulk sending, deleting, or raw proxy requests; show the exact recipients, message body, and affected resources before running; prefer scoped actions over the raw proxy.
Whoever can use the configured connection may be able to act on the connected HttpSMS account within the permissions granted.
The skill requires delegated account access through Membrane and stores/refreshes the connection for later use. This is expected for an API integration, but it is sensitive authority.
Membrane handles authentication and credentials refresh automatically ... The user completes authentication in the browser. The output contains the new connection id.
Connect only the intended HttpSMS account, use the least-privileged account or token available, and revoke the Membrane connection when it is no longer needed.
Future installs may receive a different CLI version than the one reviewed, and a global CLI has broad local execution capability.
The skill directs installation of a global third-party CLI using the moving `latest` tag. This is central to the Membrane workflow, but the exact package version is not pinned in the artifact.
npm install -g @membranehq/cli@latest
Install the CLI only from the official package source, consider pinning a specific reviewed version, and keep it updated through trusted channels.