cafe-24
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes the
@membranehq/clipackage, which is the official tool provided by the vendor. This is a standard dependency for the skill's intended functionality. - [COMMAND_EXECUTION]: The skill uses shell commands (e.g.,
membrane login,membrane connect,membrane action) to interact with the platform. These commands are scoped to the integration's operational requirements. - [CREDENTIALS_UNSAFE]: The skill follows secure patterns by delegating credential management to the Membrane platform via OAuth connection flows. It explicitly instructs the agent never to ask users for API keys or secrets.
Audit Metadata