foundriesio
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the NPM registry. This is a legitimate tool provided by the vendor to facilitate integration and manage authentication with the Foundries.io service.
- [COMMAND_EXECUTION]: The skill uses various membrane CLI commands to manage the lifecycle of Foundries.io integrations, including authentication (membrane login), connection management (membrane connect), and action execution. These operations are core to the skill's intended functionality.
- [CREDENTIALS_UNSAFE]: The skill implements secure credential management by advising the agent to never ask for API keys directly. Instead, it utilizes the Membrane platform's server-side authentication flows, which is a recommended security practice.
- [DATA_EXFILTRATION]: No patterns for exfiltrating sensitive local files or environment variables were detected. Network communication is limited to the official platform CLI and the Foundries.io service environment.
Audit Metadata