blackfire
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Membrane CLI (
membrane) to perform actions such as logging in, connecting to services, and executing pre-defined integration logic. This is the intended behavior for managing integrations through the vendor's toolchain. - [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage from the official npm registry. This is a standard deployment step for the vendor's tooling and does not involve untrusted sources. - [CREDENTIALS_UNSAFE]: No hardcoded credentials or sensitive files are accessed. The skill explicitly advises using the
membrane connectcommand to handle OAuth flows server-side, which prevents the leakage of API keys or tokens in the local environment.
Audit Metadata