billy
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Membrane CLI (
membrane) to manage connections and execute actions. These commands are part of the intended integration workflow. - [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the official NPM registry. This is a legitimate vendor tool provided by the author to facilitate the integration. - [SAFE]: The skill explicitly instructs the agent to let Membrane handle credentials and never ask the user for API keys, which is a significant security best practice for managing sensitive tokens.
- [SAFE]: No evidence of prompt injection, obfuscation, or unauthorized data exfiltration was found. The skill operations are transparent and consistent with its stated purpose.
Audit Metadata