cody
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to perform operations such as searching for actions, creating new integrations, and running workflows. This is the intended primary functionality of the skill. - [EXTERNAL_DOWNLOADS]: The skill directs users to install the
@membranehq/clipackage from NPM. As this package is the official tool provided by the skill's author (membrane/membranedev), it is considered a legitimate dependency. - [SAFE]: The documentation explicitly promotes secure practices by advising against asking users for API keys or tokens, leveraging server-side connection management instead.
Audit Metadata