deploybot
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the official
@membranehq/clipackage from the NPM registry. This is a vendor-provided tool necessary for the skill's operation. - [COMMAND_EXECUTION]: The skill relies on shell commands (e.g.,
membrane login,membrane action run) to interact with the DeployBot service through the Membrane platform. - [SAFE]: The skill follows security best practices by explicitly instructing the agent to never ask for user API keys or tokens, instead delegating authentication to the Membrane CLI's secure connection flow.
Audit Metadata