Unleash
Security checks across malware telemetry and agentic risk
Overview
This appears to be a legitimate Unleash integration, but it gives the agent broad authenticated API power, including write and delete requests, without clear confirmation or scoping guidance.
Before installing, make sure you trust Membrane and the npm CLI source, connect only a least-privilege Unleash account, and require manual review before the agent changes or deletes feature flags, projects, segments, variants, or environments.
VirusTotal
65/65 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or over-broad agent action could change or delete Unleash flags, segments, projects, or environments and potentially affect production behavior.
The skill covers production feature-management operations and exposes a raw authenticated API proxy with mutating and deleting HTTP methods, but does not document approval or scoping controls for high-impact changes.
Developers and product teams use it to control feature rollouts and conduct experimentation in production ... membrane request CONNECTION_ID /path/to/endpoint ... HTTP method (GET, POST, PUT, PATCH, DELETE)
Use this only with explicit user approval for any write/delete operation, prefer discovered scoped actions over raw proxy calls, and restrict endpoints and methods where possible.
The agent may be able to act with the permissions of the Membrane/Unleash connection you authorize.
The skill requires delegated Membrane authentication and ongoing credential refresh, which is expected for an Unleash integration but gives the agent access through the connected account.
membrane login --tenant --clientName=<agentType> ... Membrane handles authentication and credentials refresh automatically
Authenticate only the intended account or tenant, use least-privilege Unleash permissions if available, and revoke the connection when no longer needed.
Installing a moving latest version can introduce unexpected behavior if the package changes later.
The setup asks the user to install a global CLI from npm using the moving @latest tag; this is purpose-aligned but depends on future package contents and npm provenance.
npm install -g @membranehq/cli@latest
Pin the CLI to a reviewed version where possible and install it only from the official package source.
