amazon-api-gateway
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI (
@membranehq/cli) via npm. This is a legitimate dependency provided by the skill's author to facilitate secure communication with the Membrane platform. - [COMMAND_EXECUTION]: The skill relies on shell commands via the
membraneutility to manage connections, discover actions, and execute API requests. These commands are transparent and restricted to the scope of the Membrane integration. - [SAFE]: The skill implements high-security standards for credential handling by using a delegated authentication model where the Membrane platform manages the full OAuth/Auth lifecycle. This prevents the need for local storage of sensitive API keys or secrets in the agent's environment. No patterns of obfuscation, persistence, or malicious data exfiltration were identified during analysis.
Audit Metadata