builderio
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official Membrane CLI tool (
@membranehq/cli) from the npm registry. This is a standard requirement for interacting with the Membrane platform described in the skill. - [COMMAND_EXECUTION]: The instructions utilize the
membraneCLI for various tasks, including authentication (membrane login), connection management (membrane connect), and executing integration logic (membrane action run). These are documented, functional commands for the platform. - [SAFE]: The skill includes explicit security guidance for the agent, instructing it to never ask users for raw API keys or tokens. Instead, it leverages Membrane's server-side authentication lifecycle, which is a significant security improvement over manual credential handling.
- [SAFE]: Data ingestion from Builder.io is managed through specific actions. While this introduces a standard surface for processing external content, the instructions emphasize using structured actions that handle pagination and field mapping, reducing the risks associated with raw API responses.
Audit Metadata