brex
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry, which is the official tool provided by the vendor. - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line utility to interact with the Brex API. This includes listing users, cards, and expenses, as well as creating or running integration actions. - [CREDENTIALS_UNSAFE]: The skill adheres to security best practices by explicitly advising the agent to never request API keys or tokens from the user, relying instead on the platform's secure connection management.
- [SAFE]: All external references, including the CLI tool and the
getmembrane.comdomain, belong to the skill's author (membranedev) and represent intended functionality.
Audit Metadata