digistore24
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install
@membranehq/cliglobally via npm. This package is the official command-line interface provided by the skill's author (membranedev) to facilitate integration. - [COMMAND_EXECUTION]: The skill relies on shell commands (e.g.,
membrane action run,membrane login) to interact with the Digistore24 API. These commands flow through the author's authenticated CLI environment. - [SAFE]: The skill metadata contains a description ('Manage Users, Roles, Organizations, Projects, Pipelines, Goals and more') that seems to be templated from a different service, as it mentions features like 'Pipelines' and 'Goals' which are not standard to Digistore24. This is an informative finding regarding documentation accuracy rather than a security risk.
Audit Metadata