act-365
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage via npm. This is a legitimate tool provided by the vendor (membranedev) to facilitate the integration. - [COMMAND_EXECUTION]: The skill instructions involve executing various
membraneCLI commands to authenticate, search for CRM actions, and run those actions. This is the primary mechanism for the skill's functionality. - [SAFE]: Authentication is handled via a secure OAuth-like flow (
membrane login), ensuring that sensitive credentials like API keys are not stored or handled directly by the AI agent or the local environment.
Audit Metadata