bookboost-guest-messaging
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the official npm registry. This is a verified vendor tool used for managing API connections. - [COMMAND_EXECUTION]: The skill uses various
membraneCLI commands to authenticate users, list connections, and run actions. All commands are standard operations for the Membrane integration framework and do not involve unauthorized privilege escalation or persistence. - [CREDENTIALS_SAFE]: The skill follows security best practices by delegating credential management to the Membrane platform. It explicitly instructs the agent not to ask for API keys or tokens, using a secure connection-based flow instead.
Audit Metadata