Skill v1.0.1

ClawScan security

Klaro App · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 22, 2026, 6:28 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions, requirements, and tooling are coherent with a Klaro app integration that uses the Membrane CLI; nothing requested is disproportionate to that purpose.
Guidance
This skill is coherent: it expects you to install and use the Membrane CLI and to authenticate via a browser-based flow. Before installing/using it: 1) verify you trust the @membranehq/cli package (check its npm page and GitHub repo); 2) prefer using npx for one-off runs if you don't want a global install; 3) when you run membrane connect/login, review the scopes and permissions requested before authorizing access to Klaro data; and 4) review any actions Membrane proposes before running them, since those actions will operate on your Klaro account after you authorize the connection.

Review Dimensions

Purpose & Capability
ok
The name/description say 'Klaro app integration' and the instructions consistently direct the agent to use the Membrane CLI and Membrane connections for Klaro — this aligns with the stated purpose. The referenced homepage and repository are consistent with Membrane tooling.
Instruction Scope
ok
The SKILL.md only instructs installing/using the Membrane CLI, authenticating via membrane login, creating connections, listing and running actions, and building actions when needed. It does not instruct reading unrelated system files, asking for unrelated secrets, or sending data to unexpected endpoints. It does ask the user to authenticate through a browser/URL, which is expected for OAuth-style flows.
Install Mechanism
note
There is no formal install spec in the skill bundle, but the README instructs installing @membranehq/cli via npm (or using npx). Installing third-party CLI tooling from npm is a standard practice but does pull code from the public registry — a low-to-moderate operational risk compared to instruction-only skills that require no downloads.
Credentials
ok
The skill declares no required environment variables, does not request API keys, and explicitly advises letting Membrane handle credentials. The authentication step is handled via an interactive login flow (browser/code), which is proportional to the integration.
Persistence & Privilege
ok
The skill is instruction-only, has no install-time persistence, and is not always-enabled. The agent can invoke the skill autonomously (platform default), which is expected. Note: once the user grants a Membrane connection, the CLI/server will be able to perform actions on Klaro data according to the granted scopes — this is expected but worth reviewing at connect-time.