caseblocks
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/cliglobal package from the public NPM registry. This is a legitimate tool provided by the vendor to interact with their platform. - [COMMAND_EXECUTION]: The instructions utilize the
membraneCLI to perform operations such as authentication (membrane login), connection management (membrane connect), and action execution. These commands are necessary for the skill's stated purpose of integrating with Caseblocks. - [SAFE]: The skill follows security best practices by delegating credential management to a server-side platform (Membrane) rather than requesting or storing API keys locally. No obfuscation, persistence mechanisms, or privilege escalation attempts were found.
Audit Metadata