edusign
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official Membrane CLI tool (
@membranehq/cli) from the public npm registry. This is the standard delivery mechanism for the vendor's tooling. - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line utility to manage authentications, connections, and service actions. All commands are consistent with the documented purpose of integrating with the Edusign API via the Membrane framework. - [CREDENTIALS_UNSAFE]: The skill follows security best practices by explicitly instructing the agent to never ask for API keys or tokens, relying instead on Membrane's server-side connection management to handle secrets.
- [DATA_EXFILTRATION]: No unauthorized data transmission patterns were identified. Network communication is limited to the official platform and the Edusign API services.
Audit Metadata