jazzhr
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/cliNode.js package. This is a vendor-owned package (Membrane) used to interface with their service. - [COMMAND_EXECUTION]: The skill relies on executing
membraneCLI commands to perform tasks such as logging in, connecting to JazzHR, and running automation actions. - [CREDENTIALS_UNSAFE]: The skill follows security best practices by delegating authentication to the Membrane platform, which handles credential lifecycle server-side and avoids local storage of sensitive API keys.
Audit Metadata