disqo
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill uses the official Membrane CLI (
@membranehq/cli) to facilitate communication with Disqo. This is a verified vendor resource consistent with the skill's stated purpose. - [SAFE]: Authentication is performed using a secure OAuth flow through the
membrane logincommand, ensuring that no sensitive credentials or API keys are hardcoded or handled directly by the agent. - [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the official NPM registry. This is a standard dependency for the Membrane ecosystem. - [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using the
membraneCLI. These operations are limited to managing connections and running actions on the Disqo platform through Membrane's secure environment. - [SAFE]: While the skill processes data from an external source (Disqo), which represents a theoretical surface for indirect prompt injection, this behavior is essential for the skill's functionality and is not accompanied by any malicious patterns.
Audit Metadata