grafbase
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI globally using the command
npm install -g @membranehq/cli@latest. This package is the official tool provided by the vendor for platform integration. - [COMMAND_EXECUTION]: The skill utilizes several CLI commands to manage the lifecycle of the integration, including
membrane login,membrane connect, andmembrane action run. These commands are used to interact with the Grafbase API through the Membrane orchestration layer. - [SAFE]: The skill implements a secure-by-design approach for credential management. It explicitly instructs the agent and user to use
membrane connectfor OAuth flows rather than requesting or storing raw API tokens or secrets locally.
Audit Metadata