Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Qwilr

v1.0.2

Qwilr integration. Manage Accounts. Use when the user wants to interact with Qwilr data.

by Membrane Dev (@membranedev)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill is described as a Qwilr integration and the SKILL.md enumerates Qwilr concepts — that aligns with the name/purpose. However the front-matter says it "Requires ... a valid Membrane account" while the skill declares no required environment variables or primary credential, which is an inconsistency.
Instruction Scope
This is an instruction-only skill (no code files). The provided SKILL.md appears to be descriptive and lists Qwilr entities, not arbitrary system accesses. However the instructions do not clearly document how authentication is performed, which external endpoints will receive user data (Membrane vs Qwilr API), or whether the skill will read any local files — those gaps leave room for unexpected behavior at runtime.
Install Mechanism
No install spec and no shipped code — lowest-risk delivery model (nothing is downloaded or written by the skill package itself).
Credentials
The skill claims it requires a Membrane account but declares no environment variables or primary credential. It's unclear where credentials come from or whether the skill expects users to paste secrets at runtime. The lack of explicit credential requirements makes it hard to assess whether any requested secrets would be appropriate.
Persistence & Privilege
Skill flags are standard (always: false, user-invocable: true, autonomous invocation allowed). It does not request elevated or permanent presence in the agent config within the provided metadata.
What to consider before installing
This skill is an instruction-only Qwilr integration and contains no bundled code, which reduces some risks — but there are unanswered questions you should resolve before installing:
1) Authentication: ask the publisher exactly how the skill authenticates (where are credentials stored, what environment variables or token scopes are required).
2) Data destinations: confirm whether user data is sent to getmembrane.com, qwilr.com, or other endpoints and what data is transmitted.
3) Principle of least privilege: if a token is required, limit its scope and use a test account first.
4) Autonomous invocation: the skill can be called by the agent without additional prompts (default behavior); if you don’t want that, disable autonomous invocation for the skill.
5) Verify the upstream source: review the referenced repository/homepage (https://getmembrane.com and the GitHub link) to confirm the implementation and see full instructions.
If the publisher cannot clearly answer how credentials and data are handled, treat the skill as higher risk and avoid installing it.

