Skill v1.0.3
ClawScan security
Peopleforce · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 10:51 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and actions align with its Peopleforce HRIS integration purpose and there are no disproportionate credential or install demands.
- Guidance: This skill is coherent: it relies on the Membrane CLI and a Membrane account to manage Peopleforce data rather than asking for raw API keys. Before installing, confirm you trust the @membranehq/cli npm package (check the package page, maintainers, and checksum) because a global npm install runs third-party code. Also review what permissions you grant when you create the Peopleforce connection in Membrane — that connection will allow Membrane to access HRIS data on your behalf. If you prefer, run the CLI in a constrained environment (container or dedicated VM) when first testing.
Review Dimensions
- Purpose & Capability (ok): Name/description (Peopleforce HRIS) match the instructions: the skill uses the Membrane CLI to manage Peopleforce connections and actions. No unrelated credentials, binaries, or system paths are requested.
- Instruction Scope (ok): SKILL.md confines runtime behavior to installing/using the Membrane CLI, logging in, creating a connection, discovering actions, and running actions. It does not instruct reading unrelated files, accessing arbitrary env vars, or transmitting data to unexpected endpoints.
- Install Mechanism (note): The registry has no formal install spec (instruction-only), but SKILL.md directs installing @membranehq/cli via npm (npm install -g). Installing a global npm package is expected for a CLI-based integration but does execute third-party code on the host; verify package authenticity and use appropriate privileges.
- Credentials (ok): No required env vars or primary credential are declared. The doc explicitly defers auth to Membrane (via interactive login/connection flow) rather than asking for API keys, which is proportionate for this integration.
- Persistence & Privilege (ok): Skill is not always-included and allows normal autonomous invocation. It does not request system-wide config changes or access to other skills' credentials in the provided instructions.
