loyaltylion
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the Membrane CLI (
@membranehq/cli) globally via npm. This is a standard requirement for interacting with the Membrane platform and the package is maintained by the vendor. - [COMMAND_EXECUTION]: The skill executes various
membraneCLI commands to manage authentication (membrane login), established connections (membrane connect), and perform actions (membrane action run). These commands are restricted to the intended functionality of the integration. - [DATA_EXPOSURE]: The skill explicitly advises against asking users for API keys or tokens, recommending the use of Membrane's managed connection system. This is a positive security practice that prevents local credential exposure.
Audit Metadata