Saplingai
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly matches a Sapling.ai/Membrane integration, but it exposes a broad authenticated API proxy that could change or delete Sapling data without clearly requiring user confirmation.
Install only if you trust Membrane and are comfortable connecting your Sapling.ai account. Ask the agent to use read-only or prebuilt actions when possible, and require explicit confirmation before any action that creates, updates, deletes, or manages users or organization data.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent uses the proxy incorrectly, it could create, change, or delete Sapling.ai account data using the user's authenticated connection.
The skill documents a raw authenticated API escape hatch, including mutating and deleting HTTP methods, without visible limits or confirmation requirements in the supplied artifact excerpt.
"you can send requests directly to the Sapling.ai API through Membrane's proxy ... injects the correct authentication headers ... HTTP method (GET, POST, PUT, PATCH, DELETE)"
Prefer discovered Membrane actions over raw proxy calls, and require explicit user confirmation before any POST, PUT, PATCH, DELETE, user-management, or organization-management request.

The agent can act through the user's Membrane/Sapling.ai connection while that connection remains authorized.
The skill requires delegated account access and relies on Membrane to store or refresh credentials, which is expected for this integration but grants meaningful account authority.
"Requires network access and a valid Membrane account ... Membrane handles authentication and credentials refresh automatically"
Use the intended account, review any OAuth or API scopes during connection, and revoke the Membrane connection when it is no longer needed.

A future CLI version or compromised package source could affect what code runs locally.
The setup uses a globally installed npm package with the moving @latest tag. This is central to the skill's Membrane workflow, but it means the installed code can change over time.
npm install -g @membranehq/cli@latest
Install the CLI only from a trusted npm registry, consider pinning a reviewed version, and avoid running it in highly sensitive environments without verification.

Requests and responses may pass through Membrane, so sensitive Sapling.ai data or text submitted for processing could be exposed to that service according to its policies.
Sapling.ai API traffic is routed through Membrane as a gateway. This is disclosed and purpose-aligned, but it introduces a third-party data path.
"send requests directly to the Sapling.ai API through Membrane's proxy"
Only use the skill for data you are allowed to send through Membrane and Sapling.ai, and review the relevant privacy and retention policies.
