easyly
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the official Membrane CLI package (
@membranehq/cli) from the npm registry. This is a standard dependency for using the Membrane platform and originates from the skill author's organization. - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line interface to interact with the Easyly service. These commands include authenticating, connecting to the service, and running specific actions. All command execution is scoped to the legitimate functionality of the integration. - [CREDENTIALS_UNSAFE]: The skill explicitly follows security best practices by instructing the agent to never ask the user for API keys or tokens. Instead, it uses the
membrane connectflow, which handles authentication server-side without exposing secrets to the local environment.
Audit Metadata