bluecart-api
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation instructs the installation of the '@membranehq/cli' package from the npm registry. This is a legitimate tool provided by the vendor 'membranedev' to facilitate API integrations.
- [COMMAND_EXECUTION]: Multiple shell commands are provided for using the 'membrane' CLI to manage authentication and interact with the BlueCart API. These commands are standard for the tool's operation.
- [SAFE]: The documentation contains a high volume of irrelevant, repetitive compliance policy names and a table that mistakenly describes Walmart-specific actions. These appear to be unintentional documentation template errors rather than malicious metadata poisoning.
Audit Metadata