fireflies
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the npm registry. This is an official tool provided by the vendor (Membrane). - [COMMAND_EXECUTION]: The skill uses shell commands to interact with the
membraneCLI for logging in, managing connections, and executing actions. These are standard operations for this platform integration. - [CREDENTIALS_UNSAFE]: The skill demonstrates secure credential handling by using a delegated authentication flow (
membrane login) and specifically advising users never to handle API keys or tokens directly within the agent context. - [DATA_EXFILTRATION]: No evidence of unauthorized data access or exfiltration was found. Network operations are limited to the intended functionality of the Membrane and Fireflies APIs.
Audit Metadata