jellyreach
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for using the 'membrane' CLI to log in, establish connections to the Jellyreach API, and execute actions.
- [EXTERNAL_DOWNLOADS]: The skill references the installation of the '@membranehq/cli' package from the npm registry, which is the legitimate management tool for the Membrane platform.
- [SAFE]: The skill follows security best practices by utilizing server-side authentication via the Membrane platform, ensuring that no sensitive API keys are handled directly by the agent or stored locally.
- [SAFE]: While the skill ingests external data from Jellyreach (such as contact lists), this is an inherent part of its functionality and is performed using vendor-provided tools without evidence of malicious exploitation or prompt injection.
Audit Metadata