commbox
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
@membranehq/cliNode.js package from the official npm registry. This is a legitimate utility provided by the skill's author to interface with their integration platform. - [COMMAND_EXECUTION]: The skill uses shell commands through the
membraneCLI to perform authentication, create connections, and execute actions. These commands are necessary for the skill's primary function and do not exhibit malicious behavior. - [DATA_EXFILTRATION]: No unauthorized data exfiltration or credential harvesting was detected. The skill explicitly discourages the use of raw API keys, opting for a secure, server-side authentication flow managed by the Membrane platform.
Audit Metadata