flinks
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill integrates with Flinks through the Membrane platform, which is the intended purpose. No malicious patterns such as prompt injection, obfuscation, or unauthorized data exfiltration were detected.
- [EXTERNAL_DOWNLOADS]: The instructions suggest installing the
@membranehq/clipackage from the public npm registry. This is the official command-line interface for the Membrane platform and is necessary for the skill's operation. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI tool to perform actions such as logging in, connecting to services, and running financial data queries. These commands are standard for the platform's workflow and do not involve unauthorized privilege escalation or persistence mechanisms. - [CREDENTIALS_SAFE]: The skill explicitly follows security best practices by instructing the agent never to ask for API keys or tokens, instead relying on Membrane's server-side authentication lifecycle management.
Audit Metadata