dataddo
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install the
@membranehq/clipackage from the public NPM registry. This is the official command-line interface provided by the vendor (Membrane) to interact with their services. - [COMMAND_EXECUTION]: The instructions involve running
membranecommands (e.g.,login,connect,action run) to manage connections and automate data tasks. These commands are part of the standard workflow for the vendor's platform and are used to provide secure authentication and API interaction. - [REMOTE_CODE_EXECUTION]: The skill uses
npx @membranehq/cli@latestto dynamically discover available actions. This execution pattern is directed at the vendor's official package registry and is consistent with the skill's documented purpose. - [DATA_EXFILTRATION]: While the skill facilitates network requests to the Dataddo API (
membrane request), these operations are performed via a managed proxy that handles authentication headers securely. This aligns with the primary purpose of the skill for data management and does not involve unauthorized data movement.
Audit Metadata