Trint
ReviewAudited by ClawScan on May 10, 2026.
Overview
This is a mostly coherent Trint integration, but it gives the agent broad authenticated proxy access to Trint, including mutating and delete methods, without clear guardrails in the visible artifact.
Review this skill before installing if you plan to let the agent make changes in Trint. It is reasonable for a Trint integration to need login and network access, but you should require confirmation for any action that edits, deletes, shares, or bulk-processes Trint content, and install the Membrane CLI only from a trusted source.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could change or delete Trint account data if it chooses the wrong endpoint or method.
The skill allows direct authenticated API calls, including mutating and deleting methods, without visible scoping or approval guidance.
“you can send requests directly to the Trint API through Membrane's proxy” ... “HTTP method (GET, POST, PUT, PATCH, DELETE)”
Use predefined Membrane actions where possible, and require explicit user approval before any POST, PUT, PATCH, DELETE, bulk, or irreversible Trint operation.
The skill can act through the authenticated Trint connection with whatever permissions the connected account grants.
The skill requires delegated Trint/Membrane authentication and ongoing credential refresh, which is expected for the integration but gives the tool account-level authority.
“Membrane handles authentication and credentials refresh automatically” and “The user completes authentication in the browser.”
Connect only the intended Trint account, review granted permissions, and revoke the Membrane connection when it is no longer needed.
The installed CLI version may change over time and runs outside the reviewed skill artifact.
The setup depends on installing a mutable latest-version npm package globally. This is purpose-aligned for a CLI-based integration, but users must trust that external package source.
“npm install -g @membranehq/cli@latest”
Install the CLI only from the trusted npm package, consider pinning a reviewed version, and keep it updated through normal package-management practices.
A returned instruction could influence what the agent does next during setup or connection handling.
The workflow can surface external instructions for the agent from a connection response. That is useful integration plumbing, but those instructions should not override the user's goal or safety checks.
“clientAction.agentInstructions (optional) — instructions for the AI agent on how to proceed programmatically.”
Treat returned agent instructions as operational hints only, and keep user intent and explicit approval requirements authoritative.