mailercloud
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI tool using
npm install -g @membranehq/cli@latest. This is a standard installation of the vendor's official management tool from the public npm registry. - [COMMAND_EXECUTION]: The skill uses multiple shell commands via the
membraneCLI to perform administrative tasks, including logging in, connecting to services, and listing or running actions. - [REMOTE_CODE_EXECUTION]: The skill features the ability to dynamically create new actions on the Membrane platform using the
membrane action createcommand. These actions are generated and executed within the vendor's cloud environment based on natural language descriptions provided to the CLI. - [CREDENTIALS_UNSAFE]: The skill follows security best practices for credential management. It uses
membrane loginandmembrane connectto handle OAuth flows and token management server-side. It explicitly instructs the agent to never ask the user for sensitive API keys or tokens, reducing the risk of credential exposure.
Audit Metadata