Skill v1.0.3

ClawScan security

Nectar Crm · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 4:02 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only integration that delegates CRM access to the Membrane CLI; its requirements and instructions are coherent with the stated purpose.
Guidance
This skill is coherent: it tells you to use the Membrane CLI to manage a Nectar CRM connection and does not ask for API keys. Before installing/running anything: (1) verify you trust the @membranehq npm package and its publisher (review the package page and GitHub repo), (2) prefer using `npx` for one-off commands if you want to avoid a global npm install, (3) when authenticating, complete the interactive browser flow rather than pasting credentials into chat, and (4) be aware that running the CLI will execute third-party code on your machine and will communicate with Membrane's servers — if you need stricter data controls, review Membrane's privacy/security docs or avoid using the CLI.

Review Dimensions

Purpose & Capability
ok
The skill claims to integrate with Nectar CRM and all runtime instructions use the Membrane CLI to create connections and run actions against Nectar — this matches the described purpose. No unrelated credentials, binaries, or platform access are requested.
Instruction Scope
ok
SKILL.md instructs the agent (and user) to install and use the Membrane CLI, create a connection to nectar-crm, discover or create actions, and run them. All described commands and file/variable access are limited to interacting with Membrane/Nectar CRM. The doc explicitly advises not to ask users for API keys and to let Membrane manage auth, which reduces scope creep.
Install Mechanism
note
There is no registry-level install spec, but SKILL.md directs installing @membranehq/cli via `npm install -g` (and suggests `npx` in places). Installing a global npm package modifies the system environment and runs third-party code — this is expected for a CLI integration but is the highest-risk install method among common package managers. Prefer using `npx` or verifying the package and publisher if you want to avoid a global install.
Credentials
ok
The skill declares no required environment variables, no config paths, and its instructions rely on Membrane's hosted auth flow rather than asking for API keys or secrets. Requested access is proportional to a CRM integration.
Persistence & Privilege
ok
The skill is instruction-only, does not request `always: true`, and does not instruct modifying other skills or system-wide agent settings. It relies on Membrane for credential management and does not request persistent elevated privileges.