boxhero
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses the official Membrane CLI (
@membranehq/cli) to interact with the BoxHero API. This approach is secure as it delegates authentication and credential management to a dedicated platform, following the principle of least privilege for the local environment. - [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the official NPM registry. This is a standard and expected dependency for using the vendor's integration services. - [COMMAND_EXECUTION]: The instructions involve running several
membraneCLI commands for logging in, connecting to BoxHero, and executing actions. These commands are part of the documented functionality of the tool and do not involve suspicious or unauthorized activities.
Audit Metadata