Skill v1.0.3
ClawScan security
People Data Labs · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 11:04 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and behavior are coherent with its stated purpose (using Membrane to access People Data Labs); the main risks come from trusting and installing the external Membrane CLI/npm package and relying on Membrane's servers for authentication and data handling.
- Guidance: This skill appears to do what it says: it instructs you to use the Membrane CLI to access People Data Labs. Before installing: (1) verify that the @membranehq/cli npm package and the Membrane project/repository are legitimate and up-to-date; (2) understand that installing a global npm package (npm -g) runs third-party code on your machine, so install in a safe environment if unsure; (3) be aware that Membrane will mediate authentication and hold any API credentials, so review their privacy/security policy and trustworthiness; (4) the skill requires network access and a Membrane account, and no local secrets are requested by the skill itself. If any of these are unacceptable, do not install or run the CLI.
Review Dimensions
- Purpose & Capability (ok): The name/description (People Data Labs integration) aligns with the instructions: all runtime actions are mediated via the Membrane CLI to talk to People Data Labs. No unrelated credentials, binaries, or system paths are requested.
- Instruction Scope (ok): SKILL.md restricts actions to installing and using the Membrane CLI (login, connect, action list/run, create). It does not instruct reading arbitrary local files or harvesting unrelated environment variables, nor directing data to unexpected endpoints beyond Membrane/PDL.
- Install Mechanism (note): The skill recommends installing @membranehq/cli via npm -g. This is a standard but moderately risky choice because a global npm package will execute code on the host; there is no install spec in the registry itself. Verify the package and publisher (@membranehq) and repository before installing, and consider installing in a constrained environment if you have concerns.
- Credentials (ok): The skill declares no required env vars or secrets and explicitly advises against asking users for People Data Labs API keys, delegating auth to Membrane. This is proportionate to its stated purpose. The trade-off is that you must trust Membrane with the credentials and data flow.
- Persistence & Privilege (ok): The skill is instruction-only, has always:false, and requests no system-wide persistent privileges. It does not attempt to modify other skills or agent settings; autonomous invocation is allowed by platform default but not elevated by this skill.
