goodbits
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes the
@membranehq/cliNode.js package and thegetmembrane.comdomain, both of which are official resources belonging to the vendor (membranedev). - [SAFE]: The skill implements secure credential management practices by instructing the agent to use
membrane connectfor authentication, specifically advising against asking users for API keys or tokens. - [EXTERNAL_DOWNLOADS]: The skill guides the installation of the
@membranehq/clipackage from the public npm registry. This is the expected and legitimate method for acquiring the vendor's command-line interface.
Audit Metadata