marqeta 安全扫描报告 — 低风险 | ClawSafe

10 /100

marqeta

Marqeta integration. Manage data, records, and automate workflows using the Membrane CLI proxy.

A clean Marqeta API integration skill using the Membrane CLI proxy; all functionality is declared in documentation with no hidden behavior or suspicious patterns.

技能名称marqeta

分析耗时30.9s

引擎pi

✓

可以安装

No blocking action needed. Optionally pin the CLI version (e.g., `npm install -g @membranehq/[email protected]`) to prevent supply-chain substitution, but the current design is safe.

安全发现 1 项

严重性	安全发现	位置
低危	Unpinned npm CLI dependency 供应链 The Membrane CLI is installed via `npm install -g @membranehq/cli` without a version pin. A typosquatting or compromised package could theoretically be substituted. `npm install -g @membranehq/cli` → Pin to a specific version: `npm install -g @membranehq/[email protected]`. Verify the package on npmjs.com before use.	`SKILL.md:27`

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`NONE`	—	No file operations in SKILL.md
网络访问	`READ`	`READ`	✓ 一致	Uses Membrane CLI to proxy API calls to Marqeta; explicitly states 'requires net…
命令执行	`WRITE`	`WRITE`	✓ 一致	SKILL.md documents: npm install -g @membranehq/cli, membrane login, membrane act…
环境变量	`NONE`	`NONE`	—	SKILL.md explicitly instructs to delegate auth to Membrane: 'never ask the user …
凭证访问	`NONE`	`NONE`	—	Credentials managed server-side by Membrane; no local credential harvesting desc…
技能调用	`NONE`	`NONE`	—	No nested skill invocation described
剪贴板	`NONE`	`NONE`	—	Not referenced
浏览器	`READ`	`READ`	✓ 一致	SKILL.md line 45: browser opens for 'membrane login --tenant'; headless flow des…
数据库	`NONE`	`NONE`	—	Not referenced

2 项发现

🔗

中危外部 URL 外部 URL

https://getmembrane.com

SKILL.md:7

🔗

中危外部 URL 外部 URL

https://www.marqeta.com/api-documentation

SKILL.md:19

目录结构

1 文件 · 4.4 KB · 128 行

Markdown 1f · 128L

└─ 📝 SKILL.md Markdown 128L · 4.4 KB

依赖分析 1 项

包名	版本	来源	已知漏洞	备注
`@membranehq/cli`	`unpinned`	npm	否	No version specified — theoretically vulnerable to supply-chain substitution

安全亮点

✓ All shell commands are explicitly documented in SKILL.md — no hidden CLI invocations

✓ Authentication is delegated to the Membrane platform with no local credential storage described

✓ No sensitive file paths (~/.ssh, ~/.aws, .env) are accessed

✓ No base64, eval, or obfuscation patterns present

✓ No data exfiltration or external IP communication beyond declared API endpoints

✓ Explicitly warns against asking users for API keys, promoting secure credential handling

✓ No nested skill invocations or prompt injection patterns

✓ Pure Markdown skill — no embedded scripts or binary executables