flexport
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the npm registry and usesnpxto run commands from the same package. These are official tools provided by the vendor (membranedev) for interacting with their service. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform operational tasks such as logging in, creating connections, and executing actions. These commands are necessary for the skill's primary purpose of managing Flexport data through the Membrane platform. - [SAFE]: The skill demonstrates secure credential handling by delegating authentication and token management to the Membrane service. It specifically instructs the agent not to ask for API keys, ensuring that authentication flows occur through authorized browser-based or headless CLI processes.
Audit Metadata