clearout
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI (
@membranehq/cli) from the official npm registry. This is the official tool provided by the vendor for interacting with their platform. - [COMMAND_EXECUTION]: The skill utilizes shell commands through the
membraneCLI to perform operations such as logging in, creating connections, and running actions. These operations are restricted to the scope of the Membrane platform. - [CREDENTIALS_UNSAFE]: Security best practices are followed as the skill does not request or store raw API keys. Instead, it leverages Membrane's connection system to manage authentication tokens server-side.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external Clearout API calls via
membrane action run. While the output of these actions is processed by the agent, the risk of indirect injection is minimal and standard for data-integration skills.
Audit Metadata