Skill v1.0.3

ClawScan security

Ottertext · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 10:02 PM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill is internally coherent: it instructs the agent to use the Membrane CLI to connect to an OtterText connector and does not request unrelated credentials or system-wide privileges, though there are minor documentation inconsistencies you should verify before use.
Guidance
This skill appears to be a straightforward Membrane-based OtterText connector. Before installing or using it:
1) Verify you trust Membrane (getmembrane.com) because you'll grant it access to the external service via the connection flow.
2) Be aware the instructions recommend installing @membranehq/cli globally via npm — ensure you have a secure npm environment and are comfortable installing that package.
3) Confirm the connector is the one you intend to use (the SKILL.md's 'Official docs' link points to otter.ai, which seems unrelated to an SMS marketing 'OtterText' product) — ask the author or vendor to clarify if necessary.
4) Do not paste API keys into chat; use Membrane's connection/auth flow as instructed.
If you need higher assurance, ask the skill author for the connector documentation or a pointer to the Membrane connector definition for 'ottertext' before proceeding.

Review Dimensions

Purpose & Capability
note: The skill's stated purpose (OtterText integration) matches the instructions: it uses the Membrane CLI to create a connection and run actions against an ottertext connector. However, the SKILL.md contains small inconsistencies (typo 'Recordses' and an unexpected 'Official docs' link pointing to otter.ai) that look like documentation errors and should be clarified.
Instruction Scope
ok: Runtime instructions are limited to installing and using the Membrane CLI (login, connect, action list/run). The instructions do not ask the agent to read unrelated local files, environment variables, or transmit data to arbitrary endpoints beyond Membrane's CLI/API flow.
Install Mechanism
note: No formal install spec is present in the registry (instruction-only), but the SKILL.md tells users to run 'npm install -g @membranehq/cli@latest' or use npx. That performs a global npm package install (network download from npm) — a common pattern but nontrivial (writes to disk and runs third-party code). This is expected for a CLI-based integration but has the usual supply-chain considerations.
Credentials
ok: The skill does not request environment variables or API keys and explicitly advises using Membrane's connection flow rather than asking users for secrets. That is proportionate to the stated purpose. The requirement of a Membrane account is reasonable for this integration.
Persistence & Privilege
ok: The skill does not request 'always: true' or other elevated persistence. It is user-invocable and allows normal autonomous invocation behavior, which is the platform default.