blend
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the '@membranehq/cli' package via npm. This is an official tool provided by the vendor 'membranedev' (as indicated by the author metadata and repository context) for interacting with their platform.
- [COMMAND_EXECUTION]: The skill uses 'membrane' CLI commands for authentication, connection management, and action execution. These operations are within the scope of the skill's functionality and use the vendor's specialized tooling.
- [CREDENTIALS_UNSAFE]: The skill leverages the Membrane CLI's secure authentication flow (OAuth-based/browser login), which manages secrets server-side and prevents the need for hardcoded API keys or manual credential entry.
- [DATA_EXFILTRATION]: Data transfer occurs through the Membrane CLI and is directed to the Membrane platform and Blend API for processing. No suspicious or unauthorized exfiltration patterns were observed.
Audit Metadata