Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Impression
v1.0.2
Impression integration. Manage Persons, Organizations, Deals, Leads, Projects, Activities and more. Use when the user wants to interact with Impression data.
by Membrane Dev (@membranedev)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes a Membrane-based Impression integration (connector discovery, connection creation, action listing/running, and proxy requests), which matches the skill name. However, the registry metadata claims no required binaries while the instructions require installing the Membrane CLI via npm. The SKILL.md also contains mismatched content (an 'Official docs' link to an Optimizely "impression-event" SDK and a Popular actions list referencing signature/PDF workflow actions) that does not obviously match the stated domain (Persons/Organizations/Deals). These inconsistencies could be sloppy documentation or a sign the doc was copied/repurposed incorrectly.
Instruction Scope
Runtime instructions tell the agent to install and run the Membrane CLI and to perform browser-based login and run membrane commands (action list/run/request). The instructions do not ask the agent to read unrelated local files or environment variables and explicitly advise not to request API keys. There are odd template artifacts (the opening line 'I'm sorry, but I cannot fulfill that request...') and mixed action examples that seem out of scope for a CRM-style Impression integration.
Install Mechanism
No formal install spec in the registry, yet SKILL.md instructs users to run 'npm install -g @membranehq/cli' to get the Membrane CLI. Installing a public npm package is a common, moderate-risk install path, but the skill metadata should declare this requirement. No downloads from arbitrary URLs or archive extraction are present in the instructions.
Credentials
The skill does not request environment variables or secret credentials. The SKILL.md explicitly states Membrane handles auth server-side and advises not to ask users for API keys. This is proportionate to the stated purpose.
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not describe writing agent-wide configuration or accessing other skills' credentials. Autonomous invocation remains allowed (platform default) but is not combined with other concerning privileges here.
What to consider before installing
This skill appears to be an instruction-only adapter that uses the Membrane CLI to interact with an Impression connector — that is coherent in principle. Before installing or using it:
1) Confirm you have or are willing to install Node/npm and the @membranehq/cli package (the registry metadata did not declare this requirement).
2) Verify the @membranehq/cli package and the repository/homepage (getmembrane.com and the linked GitHub repo) are legitimate and match the skill — check the npm package maintainer and download counts if available.
3) Ask the publisher to clarify the mismatches in the documentation (the Optimizely docs link, the signature/PDF action examples, and the stray template line) — these could be copy-paste errors but may indicate the docs are not authoritative.
4) If you rely on least privilege, review what Membrane connections will access in your account and only create connections you trust.
If you cannot validate the source or the action names/documentation, avoid installing the global CLI and do not grant connections until clarified.
Like a lobster shell, security has layers — review code before you run it.
