generated-photos
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation instructs the agent to install the
@membranehq/clipackage using the NPM package manager. This is a standard installation of the official tool provided by the vendor (membranedev) to interface with their integration platform. - [COMMAND_EXECUTION]: The skill utilizes the
membranecommand-line tool to manage sessions, discover available API actions, and execute requests. These operations are the primary mechanism for the skill's intended functionality and do not involve unauthorized or suspicious system modifications. - [CREDENTIALS_UNSAFE]: The skill adheres to security best practices for credential handling. It uses the platform's native connection management system (
membrane loginandmembrane connect) to handle OAuth flows and token refreshes server-side, specifically advising against requesting API keys directly from the user.
Audit Metadata