Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Smarty
v1.0.2
Smarty integration. Manage Organizations, Pipelines, Users, Goals, Filters. Use when the user wants to interact with Smarty data.
by Membrane Dev (@membranedev)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name/description (mentions managing Organizations, Pipelines, Users, Goals, Filters) does not align cleanly with the SKILL.md content. The README alternates between describing Smarty as a PHP template engine and listing data/address verification actions (autocomplete, verify-us-address, census/property, reverse geocoding). This suggests the metadata and the integration target are inconsistent or mislabeled.
Instruction Scope
SKILL.md instructs the agent to install and use the Membrane CLI (npm install -g @membranehq/cli), run membrane login (browser-based auth), list/connect connections, run actions, and proxy arbitrary HTTP requests via membrane request. The instructions are narrowly scoped to interacting with Membrane and the connector, and they explicitly advise not to collect API keys locally — but they permit arbitrary proxied requests to the external service via the Membrane proxy, which gives the agent capability to call any endpoint exposed by the connector.
Install Mechanism
There is no registry install spec, but SKILL.md tells users/agents to run a global npm install (-g @membranehq/cli). Installing a global npm CLI is a moderate-risk action (writes to system PATH and executes third-party code) and is not declared in the skill metadata; the skill relies on a networked package from the public npm registry rather than a packaged, registry-declared install.
Credentials
The skill declares no required environment variables or credentials, and the instructions explicitly say to let Membrane handle credentials and not to request API keys. There is no request for unrelated secrets in the SKILL.md. This is proportionate to a connector-based integration that delegates auth to Membrane.
Persistence & Privilege
The skill does not request always:true or other elevated persistence. It is user-invocable and allows autonomous invocation (platform default). It does not request changes to other skills or system-wide settings in the documentation.
What to consider before installing
This skill appears to be an instruction-only Membrane CLI integration for a 'Smarty' connector, but the metadata and README are inconsistent (PHP Smarty vs data/address actions). Before installing or using it: (1) confirm which 'Smarty' this is supposed to integrate with (PHP template engine versus an address/data provider) and that the listed actions match your expectations; (2) verify the skill author/source (the registry owner and repository link) — the homepage points to Membrane but the owner is unfamiliar; (3) be aware SKILL.md instructs a global npm install (@membranehq/cli) which executes third-party code on your system — prefer installing in a sandbox or verifying the package first; (4) Membrane login will open a browser for auth and the skill can proxy arbitrary requests through the connector, so review what endpoints/actions you allow; and (5) if you need higher assurance, ask the publisher for clarification or a corrected SKILL.md that aligns metadata, description, and the action list.
Like a lobster shell, security has layers — review code before you run it.
