enrow
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage from the official NPM registry. This is a legitimate tool provided by the vendor (membranedev) to facilitate communication with their platform. - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line utility to perform operations such as authentication, action discovery, and execution. These commands are directed at the vendor's own infrastructure. - [SAFE]: The skill demonstrates security best practices by delegating credential management to a centralized platform rather than requesting API keys directly. No evidence of obfuscation, unauthorized data exfiltration, or persistence mechanisms was found.
Audit Metadata