documerge
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally via npm. This is a standard installation procedure for the vendor's official command-line tool.- [COMMAND_EXECUTION]: The skill utilizes several shell commands (membrane login,membrane connect,membrane action run) to interact with the Documerge service. These commands are part of the intended functionality for managing integrations and do not exhibit malicious patterns.- [CREDENTIALS_UNSAFE]: The skill explicitly advises against asking for or storing API keys locally, directing users to use the platform's connection management system, which is a recommended security practice.
Audit Metadata