Skill v1.0.3
ClawScan security
Keap · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 28, 2026, 9:11 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, required operations, and resources are consistent with a Keap integration that uses the Membrane CLI; nothing requested is disproportionate to that purpose.
- Guidance: This skill appears coherent for integrating Keap via the Membrane CLI. Before installing or running it:
  1. Verify the @membranehq/cli package on npm (publisher, downloads, repo) because npm install -g will execute code on your machine.
  2. Understand that authentication is handled by Membrane and will store tokens locally or in its account — review what account and permissions you grant.
  3. If you are concerned about an agent acting autonomously, restrict its permissions or review actions before they run; the skill can proxy arbitrary API requests to Keap via Membrane, so limit access to only needed Keap scopes.
  4. If you need higher assurance, request a code-based skill (instead of instruction-only) or confirm the skill's publisher and repository prior to use.
Review Dimensions
- Purpose & Capability (ok): The skill declares Keap CRM integration and all runtime instructions use the Membrane CLI to connect to Keap, discover actions, run actions, or proxy requests. Required capabilities (network access, Membrane account and CLI) match the stated purpose; there are no unrelated credentials, binaries, or configuration paths requested.
- Instruction Scope (ok): SKILL.md instructs installing and using the Membrane CLI, logging in (browser or headless flow), creating/ensuring a connection, listing and running actions, and optionally proxying requests to Keap — all within the integration's scope. The instructions do not ask the agent to read unrelated local files or to exfiltrate data to unexpected endpoints. They do instruct the user/agent to perform authentication flows, which is expected for API access.
- Install Mechanism (note): There is no registry install spec, but the runtime instructions ask users to install @membranehq/cli via npm globally (npm install -g). Installing a third-party CLI globally is a common but moderately risky step because it executes remote package code on the host; verify the npm package and publisher (@membranehq) before installing.
- Credentials (ok): The skill declares no required environment variables or primary credential. Authentication is delegated to the Membrane CLI/browser flow. No unrelated secrets or config paths are requested.
- Persistence & Privilege (ok): The skill does not request permanent/always-on inclusion; default autonomous invocation is permitted (the platform default). The skill does not instruct modifying other skills or system-wide agent settings. Be aware that autonomous invocation allows the agent to call the CLI to act on connected Keap accounts if permitted.
