chatwork
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry. This is a legitimate tool provided by the vendor (membrane) to facilitate the integration. - [COMMAND_EXECUTION]: The instructions involve running the
membranecommand-line utility to handle authentication, connect to the Chatwork service, and execute API actions. These commands are necessary for the skill's functionality and are constrained to the vendor's CLI environment. - [CREDENTIALS_UNSAFE]: The skill explicitly advises against local secret management, directing the agent to use Membrane's server-side connection system. This is a secure approach that prevents sensitive tokens from being exposed in the local environment or prompt history.
Audit Metadata