lucid
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage from the NPM registry. This is the official command-line interface provided by the vendor (Membrane) to facilitate integrations. - [COMMAND_EXECUTION]: The skill utilizes several shell commands (e.g.,
membrane login,membrane action list,membrane connect) to interact with the Membrane platform and Lucid data. These commands are the primary mechanism for the skill's operation and are used as intended for service integration. - [CREDENTIALS_UNSAFE]: The skill demonstrates good security posture by explicitly advising against asking for API keys or tokens. Instead, it uses a managed connection flow where authentication is handled server-side by the vendor's platform.
Audit Metadata