Skills
skills/membranedev/application-skills/knowbe4/Gen Agent Trust Hub

knowbe4

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the official npm registry. This is the legitimate tool provided by the vendor to enable the skill's functionality.
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to perform operations such as authentication, connection management, and running KnowBe4 actions. These commands are necessary for the skill's operation and use the vendor's specialized tooling.
  • [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were detected. The skill specifically instructs the user to let Membrane handle credentials server-side, which prevents the exposure of API keys or tokens in the local environment.
  • [REMOTE_CODE_EXECUTION]: While the membrane action create command triggers the generation of new actions, this process is managed by the vendor's infrastructure as a core service feature and does not involve executing untrusted local or remote scripts in a malicious manner.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 08:50 PM
Security Audit — agent-trust-hub — knowbe4