amity
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the '@membranehq/cli' tool from the official NPM registry, which is the standard method for interacting with the vendor's services.
- [COMMAND_EXECUTION]: The skill relies on executing the 'membrane' CLI to manage Amity connections and perform actions. Ingestion points include the '--intent' and '--input' arguments in SKILL.md. While explicit boundary markers and sanitization are absent in the instructional text, the capabilities are limited to authorized actions within the connected Amity environment.
- [CREDENTIALS_UNSAFE]: The skill emphasizes security by instructing the agent to never ask the user for API keys or tokens, instead utilizing a browser-based authentication flow managed by the CLI.
Audit Metadata