fountain
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage from the NPM registry. This is the official command-line tool for the Membrane platform and is a vendor-owned resource. - [COMMAND_EXECUTION]: The skill uses various
membraneCLI commands to handle authentication, create connections, and execute actions. These operations are standard for the platform's functionality and do not involve arbitrary or dangerous command execution. - [CREDENTIALS_UNSAFE]: No hardcoded credentials or unsafe secret management practices were found. The skill explicitly instructs the user to let Membrane handle credentials server-side, avoiding local storage of sensitive tokens.
- [DATA_EXFILTRATION]: No evidence of unauthorized data exfiltration or sensitive file access (such as SSH keys or environment files) was detected.
Audit Metadata