airship
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage globally via npm and usesnpxto execute commands. These are official tools and registries associated with the skill's author (membranedev). - [COMMAND_EXECUTION]: Executes several
membraneCLI commands to handle authentication, connection setup, action discovery, and execution. These commands are standard for the integration's functionality and do not involve suspicious parameters or privilege escalation. - [SAFE]: No indicators of obfuscation, data exfiltration, or persistence were found. The skill promotes security best practices by delegating credential management to the Membrane platform instead of requesting local storage of API keys.
- [SAFE]: The use of natural language intents to discover or create actions through the Membrane CLI is a legitimate functional feature of the platform and does not present a malicious prompt injection risk in this context.
Audit Metadata