finmo
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the Membrane CLI tool using the command
npm install -g @membranehq/cli@latest. This refers to an official package from the vendor's organization used for interacting with their services. - [COMMAND_EXECUTION]: The instructions involve executing various
membraneCLI commands for logging in, creating connections, and running actions. These operations are intended behaviors for managing the integration and do not involve unauthorized privilege escalation or dangerous execution of untrusted code. - [SAFE]: The skill highlights security best practices by recommending the use of managed connections to handle credentials, ensuring that the AI agent does not directly handle or store sensitive API keys. All external references (domains, repositories, and packages) are verified as belonging to the legitimate vendor (membranedev).
Audit Metadata