alegra
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the NPM registry to interact with the service. This is a legitimate vendor resource provided by the author to facilitate the integration. - [COMMAND_EXECUTION]: The instructions guide the agent to use several shell commands via the
membraneutility, includinglogin,connect, andaction run. These are the primary mechanisms used to interact with the Alegra API through the Membrane platform. - [CREDENTIALS_UNSAFE]: The skill follows security best practices by explicitly instructing the agent to never ask the user for API keys or tokens. Instead, it utilizes a managed connection flow that handles authentication server-side.
Audit Metadata