中文 EN

Scan Report

Scan New Files

Low Risk — Risk Score 20/100
Last scan:1 day ago Rescan
20 /100
eightfold
Eightfold integration — manage data, records, and automate workflows via the Membrane CLI
This skill is documentation-only with no executable code files. It describes how to use the Membrane CLI for Eightfold integration, with no hidden functionality, credential harvesting, or malicious behavior detected.
Skill Nameeightfold
Duration33.2s
Enginepi
Safe to install
Consider adding an explicit 'allowedTools' declaration in SKILL.md frontmatter to clarify shell:WRITE usage for CLI commands. Otherwise, the skill is safe to use.

Findings 3 items

Severity Finding Location
Low
Shell execution capabilities not declared in frontmatter Doc Mismatch
The SKILL.md frontmatter declares no allowed-tools, yet the documentation instructs users to run shell commands (npm install -g, membrane login, membrane connect, membrane action run). While this is documented inline, it violates the principle of explicit capability declaration.
allowed-tools: (not declared)
→ Add 'allowed-tools: shell:WRITE' to the frontmatter if shell execution is expected. Alternatively, restructure docs to avoid CLI command examples.
 SKILL.md:1
Low
External dependency on Membrane CLI not flagged as risky Doc Mismatch
The skill relies on @membranehq/cli as an external dependency. The SKILL.md uses 'npm install -g @membranehq/cli' without version pinning (uses @latest). No verification that the CLI is trustworthy, and it is not a universally known tool.
npm install -g @membranehq/cli
→ Pin the CLI version (e.g., @membranehq/[email protected]) to prevent supply-chain attacks from a compromised package.
 SKILL.md:34
Low
Feature enumeration lacks actionable documentation Doc Mismatch
The skill lists ~50 capability areas (Security, Compliance, Budget, Forecasting, etc.) as a bullet list but provides no specific actions, parameters, or examples for most of them. This creates user confusion and suggests copy-pasted content.
- **Security**
- **Compliance**
- **Goal**
...
→ Remove non-functional capability entries or provide at least one actionable example per listed feature.
 SKILL.md:22
ResourceDeclaredInferredStatusEvidence
Filesystem NONE NONE No file operations found in documentation
Network NONE READ ✓ Aligned SKILL.md line 7,19: External URLs to getmembrane.com and developer.eightfold.ai,…
Shell NONE WRITE ✓ Aligned SKILL.md lines 34-104: npm install -g, membrane login, membrane connect, membran…
Environment NONE NONE No direct environment variable access described; credentials managed by Membrane…
Skill Invoke NONE NONE No cross-skill invocation documented
Clipboard NONE NONE No clipboard operations described
Browser NONE NONE Browser-based auth mentioned but handled by Membrane CLI, not by the skill itsel…
Database NONE NONE No direct database access described
2 findings
🔗
Medium External URL 外部 URL
https://getmembrane.com
SKILL.md:7
🔗
Medium External URL 外部 URL
https://developer.eightfold.ai/
SKILL.md:19

File Tree

1 files · 5.2 KB · 169 lines
Markdown 1f · 169L
└─ 📝 SKILL.md Markdown 169L · 5.2 KB

Dependencies 1 items

PackageVersionSourceKnown VulnsNotes
@membranehq/cli latest (implied) npm No Version not pinned; external package from npm registry

Security Positives

✓ No executable code files present — skill is purely documentation
✓ No credential harvesting or exfiltration detected
✓ No base64, eval, or obfuscation patterns found
✓ No direct access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No reverse shell, C2 communication, or data theft indicators
✓ Credential management delegated to Membrane CLI rather than storing secrets locally
✓ Best practices section correctly advises against sharing API keys directly
✓ No supply-chain risk from internal dependencies (no package.json, requirements.txt, etc.)