centrifuge

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the official Membrane CLI tool using 'npm install -g @membranehq/cli@latest' and uses 'npx @membranehq/cli@latest' for action discovery. These are official packages provided by the skill's author (membranedev/membranehq).
  • [COMMAND_EXECUTION]: The skill utilizes the 'membrane' CLI to perform operations such as authentication, connection management, and running actions. These commands are part of the intended functionality to interact with the Centrifuge platform.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: Authentication is handled server-side by Membrane, following best practices to avoid exposing local secrets or API keys. The skill explicitly instructs users not to provide credentials directly.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes data from Centrifuge actions (Ingestion Point: 'membrane action run' output). While it has the capability to run further commands, this is within the expected operational scope of the platform (Capability Inventory: 'membrane action run', 'membrane action create').
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 30, 2026, 08:58 AM