Skill v1.0.1
ClawScan security
Mail Blaze · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 22, 2026, 8:55 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill largely delegates to the third-party Membrane CLI (which is plausible), but there are inconsistent references (Mail Blaze vs MailerLite, repo/homepage mismatch) and reliance on a global npm CLI that require further verification before trusting it.
- Guidance: Before installing or using this skill:
  1. Verify the target connector: confirm whether it truly integrates with “Mail Blaze” and whether Membrane provides a Mail Blaze connector. The SKILL.md's link to MailerLite is inconsistent and should be clarified.
  2. Inspect the npm package @membranehq/cli on the npm registry and the linked GitHub repo to confirm maintainership and recent activity. Prefer using npx or a non-global install if you want to avoid adding a global binary.
  3. Understand that credentials are handled by Membrane: you must trust their service for secure storage and handling of API tokens and data; review Membrane's privacy/security docs.
  4. If you require proof the skill talks to the expected service (Mail Blaze), ask the publisher for the connector manifest or an example action that lists Mail Blaze-specific fields. If the publisher cannot clarify the Mail Blaze vs MailerLite mismatch, treat the skill as untrusted.
Review Dimensions
- Purpose & Capability (concern): The skill claims to integrate with “Mail Blaze” but the SKILL.md points to Membrane as the intermediary (membrane CLI). Additionally, the SKILL.md lists an "Official docs" URL for MailerLite (https://developers.mailerlite.com/) which does not match the Mail Blaze name; repository/homepage point to Membrane. This suggests copy/paste errors or mislabeling: either the connector target is unclear or documentation is inconsistent.
- Instruction Scope (note): All runtime instructions are limited to installing and using the Membrane CLI and using its commands (login, connect, action list/run). There are no instructions to read unrelated files or environment variables. This is within scope if the intent is to use Membrane as an integration layer, but the skill gives broad freedom to create/run actions via Membrane, which requires trusting Membrane's behavior and the actions it builds.
- Install Mechanism (note): There is no formal install spec in the registry; the SKILL.md asks the user to run `npm install -g @membranehq/cli@latest` (or use npx). Installing a global npm package is a common pattern but introduces moderate risk — you should verify the package source/maintainer on the npm registry and prefer npx or local installs if you want to avoid writing global binaries.
- Credentials (ok): The skill does not request environment variables, local config paths, or credentials in the registry metadata. It explicitly states Membrane manages auth and says not to ask users for API keys. This is proportionate if you accept delegating credentials to Membrane; otherwise it requires trusting a third party.
- Persistence & Privilege (ok): The skill is not marked always:true and does not request system-wide changes. Autonomous invocation is allowed (default) but that is normal; nothing here indicates elevated persistence or modification of other skills or global agent config.
