instabot
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the public npm registry. This is a legitimate dependency provided by the vendor for platform interaction. - [COMMAND_EXECUTION]: The skill executes various
membraneCLI commands to perform tasks such as user authentication, connector setup, and action execution. These commands run within the user's terminal environment. - [SAFE]: The instructions explicitly warn the agent against asking for user credentials (API keys or tokens), favoring Membrane's built-in secure connection handling. No malicious patterns such as obfuscation or unauthorized data access were detected.
Audit Metadata