shiftleft Security Report — Low Risk | ClawSafe

20 /100

shiftleft

ShiftLeft static code analysis integration via Membrane CLI

The skill is a documentation-only integration for ShiftLeft via the Membrane CLI; all network and shell operations are explicitly documented, credentials are managed server-side by Membrane, and no hidden or sensitive operations were found.

Skill Nameshiftleft

Duration43.6s

Enginepi

✓

Safe to install

Approve for use. The undeclared shell:WRITE and broad network:WRITE capabilities through `membrane request` warrant a documentation note, but the architecture is sound — Membrane handles auth server-side and network calls are confined to the ShiftLeft API proxy.

Findings 3 items

Severity	Finding	Location
Low	Shell:WRITE not declared in allowed-tools The skill executes multiple shell commands (npm install, membrane CLI invocations) but shell:WRITE is absent from the capability declaration. This is a doc-to-code mismatch. `npm install -g @membranehq/cli` → Add shell:WRITE to the allowed-tools declaration if shell execution is a supported capability	`SKILL.md:37`
Low	Network:WRITE not declared despite membrane request capability The `membrane request` command allows arbitrary HTTP methods (GET/POST/PUT/PATCH/DELETE) to ShiftLeft API paths. This is a broad network:WRITE capability not declared in the skill metadata. `membrane request CONNECTION_ID /path/to/endpoint` → Add network:WRITE to the allowed-tools declaration if arbitrary HTTP requests are intended	`SKILL.md:79`
Low	npm install without version pin `npm install -g @membranehq/cli` installs the latest version with no version pin, potentially pulling breaking changes silently. `npm install -g @membranehq/cli` → Pin to a specific version: npm install -g @membranehq/[email protected]	`SKILL.md:37`

Resource	Declared	Inferred	Status	Evidence
Shell	`NONE`	`WRITE`	✗ Violation	SKILL.md:37 — npm install -g @membranehq/cli; SKILL.md:43 — membrane login --ten…
Network	`NONE`	`WRITE`	✗ Violation	SKILL.md:79 — membrane request CONNECTION_ID /path/to/endpoint with -X, -H, -d f…
Filesystem	`NONE`	`NONE`	—	No filesystem operations found in SKILL.md
Environment	`NONE`	`NONE`	—	No environment variable access found in SKILL.md

2 findings

🔗

Medium External URL 外部 URL

https://getmembrane.com

SKILL.md:7

🔗

Medium External URL 外部 URL

https://docs.shiftleft.com/

SKILL.md:19

File Tree

1 files · 4.4 KB · 128 lines

Markdown 1f · 128L

└─ 📝 SKILL.md Markdown 128L · 4.4 KB

Dependencies 1 items

Package	Version	Source	Known Vulns	Notes
`@membranehq/cli`	`latest (unpinned)`	npm	No	No version pin — `npm install -g @membranehq/cli` can pull any version

Security Positives

✓ Credentials are managed server-side by Membrane — no local secret storage or exfiltration risk

✓ SKILL.md clearly documents all shell commands and network operations with explicit intent

✓ Skill delegates to a known CLI tool (Membrane), not a custom script — reduces supply chain risk

✓ membrane request is confined to the ShiftLeft API proxy, not arbitrary internet destinations

✓ No sensitive path access (~/.ssh, ~/.aws, .env) detected

✓ No base64/eval/curl|bash patterns or reverse shell indicators

✓ No hidden HTML comments or steganographic payloads

Scan Report

Findings 3 items

File Tree

Dependencies 1 items

Security Positives