Skills
skills/membranedev/application-skills/donedone/Gen Agent Trust Hub

donedone

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes the @membranehq/cli package, which is installed from the official NPM registry. This is a vendor-provided tool required for the skill's core functionality.
  • [COMMAND_EXECUTION]: Task management is performed through the membrane CLI. The commands are clearly documented and are used to search for, create, and run actions within the DoneDone environment.
  • [CREDENTIALS_UNSAFE]: The skill demonstrates secure credential management by using the membrane login and membrane connect workflows. This approach avoids local storage of sensitive API keys and leverages browser-based authentication.
  • [DATA_EXFILTRATION]: No suspicious data exfiltration patterns were detected. Network activity is limited to the intended communication between the CLI, the Membrane platform, and the DoneDone API.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 12:59 AM
Security Audit — agent-trust-hub — donedone