mailercloud

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI tool using npm install -g @membranehq/cli@latest. This is a standard installation of the vendor's official management tool from the public npm registry.
  • [COMMAND_EXECUTION]: The skill uses multiple shell commands via the membrane CLI to perform administrative tasks, including logging in, connecting to services, and listing or running actions.
  • [REMOTE_CODE_EXECUTION]: The skill features the ability to dynamically create new actions on the Membrane platform using the membrane action create command. These actions are generated and executed within the vendor's cloud environment based on natural language descriptions provided to the CLI.
  • [CREDENTIALS_UNSAFE]: The skill follows security best practices for credential management. It uses membrane login and membrane connect to handle OAuth flows and token management server-side. It explicitly instructs the agent to never ask the user for sensitive API keys or tokens, reducing the risk of credential exposure.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 05:37 PM
Security Audit — agent-trust-hub — mailercloud