Superoffice

Suspicious

Audited by ClawScan on May 10, 2026.

Overview

The skill appears to be a legitimate SuperOffice/Membrane integration, but it grants very broad CRM, financial, and administrative action authority without clear guardrails for destructive or high-impact changes.

Before installing, confirm you trust Membrane and the npm CLI package, connect only a least-privileged SuperOffice account, and require the agent to ask before making destructive, financial, administrative, or bulk CRM changes.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern
Medium Confidence
ASI02: Tool Misuse and Exploitation
What this means

An agent using this skill could make broad changes to SuperOffice business data, including deleting or modifying important records, if it interprets a task too broadly.

Why it was flagged

The skill describes broad business, financial, administrative, and destructive operations but does not specify approval, scoping, rollback, or containment requirements before using them.

Skill content
"Order" ... "Invoice" ... "Payment" ... "User" ... "Role" ... "License" ... "Database" ... "Server" ... "Backup" ... "Restore" ... "Delete" ... "Merge" ... "Import" ... "Export" ... "Use action names and parameters as needed."
Recommendation

Require explicit user confirmation for delete, merge, import/export, order/payment, user/role/license, backup/restore, and other high-impact actions; prefer read-only or narrowly scoped actions by default.

What this means

The connected account’s SuperOffice permissions determine what the agent can read or change.

Why it was flagged

The skill uses delegated Membrane/SuperOffice authentication and automatic credential refresh, which is expected for this integration but grants ongoing account access.

Skill content
"Membrane handles authentication and credentials refresh automatically" and "membrane login --tenant --clientName=<agentType>"
Recommendation

Use the least-privileged SuperOffice/Membrane account available and review the permissions granted during connection.

What this means

The behavior of the installed CLI may change over time, and the reviewed skill does not include the CLI code itself.

Why it was flagged

The setup relies on installing the latest global Membrane CLI package from npm, which is purpose-aligned but not pinned to a reviewed version.

Skill content
"npm install -g @membranehq/cli@latest"
Recommendation

Install the CLI from the documented official source, consider pinning a known version, and review npm/package provenance in managed environments.