boloforms
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the npm registry. This is the official command-line interface provided by the vendor (Membrane) and is required for the skill to operate. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform legitimate operations such as authentication, action discovery, and workflow execution. These commands are localized to the Membrane environment and do not pose a security risk to the host system. - [SAFE]: Authentication is handled using managed connections (OAuth/Personal Access Tokens managed server-side by Membrane), which prevents sensitive credentials like API keys from being exposed in the agent's context or local environment.
- [SAFE]: The instructions promote secure data handling by advising the agent to let the platform manage the full authentication lifecycle server-side.
Audit Metadata