asure-software

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli Node.js package. This is the official command-line tool for the Membrane platform, which the skill is designed to work with. The package is sourced from the vendor's standard registry.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using the membrane CLI. These commands are used for standard operations such as user authentication (membrane login), connection establishment (membrane connect), and running pre-defined actions (membrane action run). No suspicious or unauthorized command execution patterns were detected.
  • [SAFE]: The skill follows security best practices by instructing the agent to never ask for API keys or secrets directly, instead leveraging the Membrane platform's built-in OAuth and connection management to handle sensitive data server-side.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 05:38 PM
Security Audit — agent-trust-hub — asure-software