Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Rex

v1.0.0

Rex integration. Manage data, records, and automate workflows. Use when the user wants to interact with Rex data.

by Membrane Dev (@membranedev)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md describes a Rex integration implemented via the Membrane CLI and proxy — this matches the skill's description. However the registry metadata lists no required binaries or primary credential even though the instructions require installing and using the @membranehq/cli. The absence of a declared 'membrane' binary or an install spec is an inconsistency between claimed needs and declared requirements.
Instruction Scope
Runtime instructions are focused on installing/using Membrane CLI, creating connections, listing actions, running actions, and proxying requests to the Rex API. The instructions do not ask the agent to read unrelated system files, other credentials, or send data to unknown endpoints; they only target Membrane and Rex.
Install Mechanism
There is no formal install spec in the registry, but SKILL.md requires installing @membranehq/cli via npm (global install or npx). Installing a global npm package is a moderate-risk install mechanism (code from npm). The skill does not declare this dependency in its metadata, so installation will be left to the operator and is not enforced/verified by the registry — this mismatch is worth noting.
Credentials
The skill requests no environment variables and relies on Membrane to manage auth server-side, which explains the lack of local credentials. This is proportionate to the described purpose, but it does mean you must trust Membrane to handle and store your Rex credentials and proxy requests.
Persistence & Privilege
The skill is not marked always:true and has default autonomy settings. It does not request persistent system privileges or modifications to other skills/config. No unusual persistence or privilege escalation is requested.
What to consider before installing
This skill is an instruction-only wrapper that expects you to install and use the Membrane CLI to proxy requests to Rex. Before installing or using it:
(1) verify you trust Membrane (https://getmembrane.com and the referenced GitHub repo) because Membrane will handle your Rex credentials and see proxied requests;
(2) be aware the SKILL.md asks you to install a global npm package (@membranehq/cli) but the skill metadata doesn't declare that dependency — confirm the CLI's provenance and review its package on npm/GitHub before running npm install -g;
(3) if you need stricter control, avoid global installs and prefer running via npx or in a sandbox;
(4) if you want to proceed, expect to authenticate via browser (or headless code flow) which delegates auth to Membrane — do not supply your secrets locally;
(5) if you require the registry to enforce dependencies or want to avoid third-party proxies, request the publisher add an explicit install spec and required-binaries entry for membrane to the skill metadata.
Overall: functionally coherent but the missing dependency declaration and reliance on an external proxy/CLI are reasons to treat it with caution.
