Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Sonix

v1.0.2

Sonix integration. Manage Deals, Persons, Organizations, Leads, Projects, Activities and more. Use when the user wants to interact with Sonix data.

by Membrane Dev (@membranedev)

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Pending

OpenClaw: Suspicious (high confidence)
Purpose & Capability
The SKILL.md describes a Sonix integration (transcription API) and how to use the Membrane CLI to proxy Sonix requests; that part is coherent. However, the skill's short description ("Manage Deals, Persons, Organizations, Leads, Projects, Activities...") reads like a CRM integration and is inconsistent with Sonix. This suggests a copy/paste or metadata error, which could be accidental or could indicate that the package was mis-described.
Instruction Scope
The instructions are limited to installing and using the Membrane CLI, logging in (browser auth or headless flow), creating/listing connections, running actions, and proxying requests to the Sonix API. They do not ask the agent to read arbitrary files, exfiltrate local secrets, or contact unexpected endpoints. One scope discrepancy: SKILL.md requires network access and the Membrane CLI but the registry metadata lists no required binaries — the runtime will need npm/node and access to install/run the CLI.
Install Mechanism
This is an instruction-only skill (no install spec). The SKILL.md tells the user to run `npm install -g @membranehq/cli`, which pulls code from the npm registry. That is a common approach, but it means installing third-party code on the host, and the skill registry did not declare this requirement. No direct downloads from untrusted URLs are present, but installing a global npm package is a moderate-risk action and should be verified (check package ownership, versions, and the npm page).
Credentials
The skill declares no required environment variables or credentials and explicitly says Membrane handles auth server-side and you should not ask the user for API keys. That is proportionate for a connector that uses a brokered auth flow. The only implied requirements are browser access for interactive login or the headless login flow described.
Persistence & Privilege
The skill does not request always:true, does not install code via an install spec, and has no code files. It does require the user to install and run the Membrane CLI (user action). There is no indication the skill will persistently modify other skills or system-wide agent settings.
What to consider before installing
Do not install or run anything yet. The SKILL.md itself describes legitimate steps to use the Membrane CLI as a proxy to Sonix, but the skill metadata/short description references CRM entities (Deals, Persons, Organizations), which is inconsistent and could be a copy/paste error or mislabeling. Before proceeding:

1) Confirm with the skill author/registry why the description mentions CRM entities and whether this skill is actually the Sonix connector.
2) Inspect the @membranehq/cli npm package page (owner, recent versions, README) before running `npm install -g`.
3) Understand that installation requires npm/node and browser-based login (the CLI will open a browser and Membrane will handle server-side credentials).
4) If you proceed, run the CLI in a controlled environment and verify that the connection IDs and API calls target Sonix (developers.sonix.ai) and not unexpected endpoints.

If you cannot resolve the mismatch in the description, treat the skill as untrusted.



