docspring
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage from the official NPM registry. This is a vendor-owned tool required for the skill's operation. - [COMMAND_EXECUTION]: The skill uses the Membrane CLI (
membrane) to manage authentication, search for actions, and execute document generation tasks. These commands are necessary for the intended integration with DocSpring. - [SAFE]: The skill explicitly advises against asking users for sensitive information like API keys or tokens, instead utilizing a server-side connection management system provided by the vendor.
Audit Metadata