fis
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the npm registry. This is a legitimate tool provided by the skill's author to manage integrations. - [COMMAND_EXECUTION]: The skill uses various shell commands through the
membraneCLI to perform actions like logging in, connecting to services, and executing financial data operations. These are standard operations for the skill's stated purpose. - [SAFE]: Authentication is handled through a secure browser-based flow or a headless authorization URL provided by the vendor's platform. This design prevents the need for hardcoded credentials or manual API key handling within the agent's environment.
Audit Metadata