cloudquery
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install the
@membranehq/clipackage globally from the public NPM registry. This package is the official CLI utility for the Membrane integration platform, as documented by the skill's author. - [COMMAND_EXECUTION]: It provides various commands for the
membranebinary to handle authentication, create connections to CloudQuery, and run SQL-based actions. These executions are legitimate and necessary for the skill's primary function of cloud asset inventory management. - [SAFE]: No malicious patterns such as prompt injection, data exfiltration, or obfuscation were identified. The skill promotes security best practices by recommending the use of the platform's server-side credential management rather than requiring users to handle raw API keys locally.
Audit Metadata