The Agent Skills Directory

[SAFE]: The skill follows established security practices by using a dedicated CLI for authentication and API interaction rather than handling secrets directly within the agent's logic.
[EXTERNAL_DOWNLOADS]: The skill instructs the installation of the @membranehq/cli package from npm. This is a legitimate dependency provided by the vendor (Membrane) to facilitate the integration.
[COMMAND_EXECUTION]: The skill uses shell commands via the membrane CLI to perform tasks such as logging in, creating connections, and running actions. These operations are standard for the tool's functionality and do not involve arbitrary code execution or unsafe parameter injection.
[CREDENTIALS_UNSAFE]: The instructions explicitly tell the user and the agent to avoid manual handling of API keys or tokens, leveraging Membrane's server-side authentication management instead.

dixa