demandbase
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the npm registry. This is a vendor-owned resource used to interface with the Membrane platform. - [COMMAND_EXECUTION]: The instructions involve executing various
membraneCLI commands to handle authentication (membrane login), connection management (membrane connect), and action execution (membrane action run). These commands are standard for the intended integration and use the vendor's specialized tooling. - [DATA_EXPOSURE]: The skill explicitly follows best practices by instructing the agent to never ask the user for API keys or tokens, instead using Membrane's server-side connection management to handle sensitive credentials.
Audit Metadata