courier
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the
@membranehq/clipackage from the public npm registry. This is the official CLI tool for the vendor. - [COMMAND_EXECUTION]: The skill relies on shell commands to interact with the Membrane platform for authentication, searching for actions, and executing tasks.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The instructions follow security best practices by recommending the use of managed connections instead of hardcoding or requesting raw API keys from the user.
- [DYNAMIC_EXECUTION]: The skill includes functionality to create new actions on-the-fly via the
membrane action createcommand, which utilizes the Membrane platform's automated integration generation capabilities.
Audit Metadata