expofp
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official
@membranehq/clipackage from the public NPM registry. This is a vendor-owned resource necessary for the skill's primary functionality. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to perform actions such as listing connections, creating actions, and running integration workflows. These commands are standard operations for the Membrane platform. - [CREDENTIALS_UNSAFE]: The instructions explicitly follow security best practices by advising against asking users for API keys or tokens, instead using the CLI's built-in authentication flow to manage credentials server-side.
- [DATA_EXPOSURE]: The skill interacts with event management data from ExpoFP (e.g., attendees, sponsors, floor plans). This access is restricted to the scope of the user-authorized connection.
Audit Metadata