bright-security
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the official NPM registry. This is a vendor-owned resource necessary for the skill's primary function. - [COMMAND_EXECUTION]: Standard CLI operations are described for authentication (
membrane login) and resource management (membrane connection,membrane action). These commands interact with the vendor's platform to automate workflows and do not involve suspicious execution patterns. - [DATA_EXFILTRATION]: No sensitive data access or unauthorized exfiltration patterns were detected. The skill specifically highlights that credentials are managed server-side by the Membrane platform, reducing the risk of local secret exposure.
Audit Metadata