grovo
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the npm registry. This is the official tool provided by the vendor for managing integrations. - [COMMAND_EXECUTION]: Shell commands are used via the
membraneCLI to authenticate the user, list service connections, and execute actions against the Grovo API. - [SAFE]: The skill explicitly advises the agent to let the Membrane platform handle credentials and never to ask the user for API keys or tokens, which is a significant security best practice for delegated authentication.
Audit Metadata