Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Verbolia

v1.0.0

Verbolia integration. Manage data, records, and automate workflows. Use when the user wants to interact with Verbolia data.

by Membrane Dev (@membranedev)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name/description (Verbolia integration) matches the instructions: it uses Membrane to connect to Verbolia, list actions, run them, and proxy API requests. However, the registry metadata declares no required binaries or credentials, while the SKILL.md clearly expects a Node/npm environment and the Membrane CLI to be available (or installed). Declaring required binaries like 'node', 'npm' or 'membrane' would be expected.
Instruction Scope
SKILL.md stays on-task: it instructs installing and using the Membrane CLI, logging in, creating/using a connection, listing/running actions, and proxying requests to Verbolia. It does not instruct reading arbitrary local files or exfiltrating environment variables. It does instruct a browser-based login flow and headless copy/paste of codes, which is expected for this auth model.
Install Mechanism
There is no formal install spec in the registry, but the instructions tell users to run 'npm install -g @membranehq/cli' (and suggest npx usage). Installing a global npm package is a moderate-risk operation (code from the public npm registry). This is reasonable for a CLI-based integration but worth caution: global installs modify the system PATH and require trust in the @membranehq/cli package and its publisher.
Credentials
The skill requests no local environment variables or secrets and explicitly advises against asking users for API keys, delegating auth to Membrane. That is proportionate. Note: using Membrane means the Membrane service and its CLI will see and manage credentials and proxied API traffic — users must trust that service with their Verbolia account data.
Persistence & Privilege
The skill is instruction-only, has no install spec that writes files, and 'always' is false. It can be invoked autonomously by the agent (default), which is normal. There is no indication it modifies other skills or requests persistent system-wide privileges.
What to consider before installing
This skill appears to do what it says — it uses Membrane to connect to Verbolia and run actions — but check a few things before installing/running:

- The SKILL.md expects you to install the Membrane CLI via 'npm install -g @membranehq/cli' (or use npx). The registry metadata did not declare required binaries; make sure you have a safe Node/npm environment before doing a global install. Prefer 'npx' or a local install if you want to avoid global changes.
- Verify the @membranehq/cli package and the Membrane service: review the package source (GitHub link in SKILL.md) and the Membrane privacy/security docs. Membrane will handle your Verbolia credentials and will proxy API calls, so you must trust that service with access to your Verbolia data.
- Avoid copy-pasting auth codes or running installs as root/admin unless you understand the implications. If you need higher assurance, inspect the CLI source or run it in an isolated environment (container or VM).

Given the mismatch between declared requirements and the written instructions (missing required binary declarations) and the moderate risk of running a global npm package, treat this as suspicious but not clearly malicious. If you want a firmer "benign" verdict, provide an explicit required-binaries list (node/npm/membrane) and confirm the @membranehq/cli package source and integrity.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dx56fjgwv317gmaysb3yedd84av15
