curated
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the
@membranehq/clipackage from the npm registry, which is the official command-line interface required for the integration. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to perform legitimate operations such as authentication, connection management, and executing newsletter-related actions (e.g., adding subscribers, listing issues). - [CREDENTIALS_UNSAFE]: No hardcoded secrets or unsafe credential handling patterns were detected. The skill uses a delegated authentication flow (
membrane login) that avoids storing raw API keys within the agent's environment.
Audit Metadata