imperva
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Installs the vendor's CLI tool globally using
npm install -g @membranehq/cli@latest. This is a standard installation procedure for this ecosystem. - [COMMAND_EXECUTION]: Uses several shell commands (
membrane login,membrane connect,membrane action run) to interface with the Membrane platform. These commands facilitate authentication and API interaction without exposing raw credentials to the agent or user logs. - [EXTERNAL_DOWNLOADS]: Fetches the
@membranehq/clipackage from the official npm registry and references documentation from Imperva's official site. These are verified vendor resources. - [DATA_EXFILTRATION]: The skill explicitly adheres to secure practices by instructing the agent never to request API keys or tokens directly from the user, relying instead on server-side connection management.
Audit Metadata