factorial
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from npm. This is a standard global installation of the vendor's official command-line tool used to manage the integration logic. - [COMMAND_EXECUTION]: The skill documentation includes several CLI commands for the
membraneutility to manage authentication, list connections, and execute actions. These commands are integral to the skill's functionality and do not exhibit signs of malicious command injection or unauthorized access. - [CREDENTIALS_UNSAFE]: The skill demonstrates good security posture by explicitly instructing the agent to never ask for API keys or tokens. Instead, it uses a server-side connection model that handles credential lifecycles and refreshing automatically through the CLI.
Audit Metadata