zoho-subscriptions Security Report — Trusted | ClawSafe

0 /100

zoho-subscriptions

Zoho Subscriptions integration for managing subscriptions, customers, invoices, and recurring billing via Membrane CLI

Clean documentation-only skill for Zoho Subscriptions integration using the Membrane CLI. No suspicious patterns, hidden functionality, or security concerns detected.

Skill Namezoho-subscriptions

Duration25.2s

Enginepi

✓

Safe to install

This skill is safe to use. It properly delegates credential management to the Membrane service and only uses declared shell commands for CLI operations.

Resource	Declared	Inferred	Status	Evidence
Filesystem	`NONE`	`NONE`	—	No file operations in SKILL.md
Network	`READ`	`READ`	✓ Aligned	Membrane CLI makes API calls to Zoho Subscriptions API
Shell	`WRITE`	`WRITE`	✓ Aligned	npm install -g @membranehq/cli, membrane login/connect/run commands
Environment	`NONE`	`NONE`	—	No env access documented
credential	`NONE`	`NONE`	—	Credentials handled server-side by Membrane

2 findings

🔗

Medium External URL 外部 URL

https://getmembrane.com

SKILL.md:7

🔗

Medium External URL 外部 URL

https://www.zoho.com/subscriptions/api/v1/

SKILL.md:19

File Tree

1 files · 4.5 KB · 129 lines

Markdown 1f · 129L

└─ 📝 SKILL.md Markdown 129L · 4.5 KB

Security Positives

✓ No code files - only documentation present

✓ All shell commands explicitly documented in SKILL.md

✓ Credential management delegated to Membrane service (no local secrets)

✓ Uses standard npm package installation

✓ No obfuscation or encoded payloads detected

✓ No sensitive path access (~/.ssh, ~/.aws, .env)

✓ No data exfiltration indicators

✓ Legitimate business integration (Zoho Subscriptions API)

✓ No suspicious IOCs beyond standard documentation URLs

Scan Report

File Tree

Security Positives