basecamp
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the npm registry. This is an official tool from the skill's developer used to manage integrations and authentication. - [COMMAND_EXECUTION]: The instructions rely on shell commands through the
membraneCLI to authenticate, create connections, and execute actions against the Basecamp API. These operations are restricted to the vendor's platform ecosystem. - [INDIRECT_PROMPT_INJECTION]: The skill processes data from Basecamp (such as messages and to-do lists) which could contain instructions from external users. However, the skill encourages the use of structured actions through the Membrane platform, which provides a layer of abstraction between the raw data and the agent's logic.
Audit Metadata