docebo
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official Membrane CLI package (
@membranehq/cli) from the public npm registry. This is the expected and documented method for interacting with the vendor's platform. - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line interface to handle authentication (membrane login), connection management (membrane connect), and API interaction (membrane action run). These commands are necessary for the skill's primary purpose of managing Docebo data. - [SAFE]: The skill explicitly promotes security best practices by instructing the agent to never request raw API keys or tokens from the user. Instead, it delegates credential lifecycle management to the Membrane platform's server-side infrastructure.
Audit Metadata