codesee
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry. This is a standard installation of the vendor's own command-line tool required for the skill's functionality. - [COMMAND_EXECUTION]: The skill uses various shell commands through the
membraneCLI to perform authentication, create connections, and execute actions. These commands are part of the intended integration logic. - [PROMPT_INJECTION]: There is a surface for indirect prompt injection as the skill processes output from remote actions (e.g., action results from CodeSee). However, the risk is minimal as the skill facilitates interaction between two authorized services within the user's environment.
Audit Metadata