inspector
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the installation of the @membranehq/cli package from the NPM registry. This package is the official command-line tool for the skill's authoring vendor (membranedev) and is required for the integration logic.
- [COMMAND_EXECUTION]: All core functionality is performed through the execution of membrane CLI commands, such as login, connect, and action run. These operations are restricted to the vendor's platform and are used to interact with the Inspector APM data in a controlled environment.
- [CREDENTIALS_UNSAFE]: The skill follows security best practices by utilizing a secure authentication flow (membrane login) that delegates credential management to the vendor's platform. It explicitly instructs the agent to create connections rather than asking the user for sensitive API keys or tokens.
Audit Metadata