medusa-commerce
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the Membrane CLI (
@membranehq/cli) via npm. This is a vendor-owned package used to facilitate communication with the Medusa Commerce integration platform. - [COMMAND_EXECUTION]: Instructs the agent to use the
membraneCLI for logging in, managing connections, and executing commerce actions. These commands are standard for the tool's intended use. - [SAFE]: Implements secure credential handling by using a centralized platform (Membrane) to manage API tokens and authentication flows server-side, which prevents the agent or skill from needing to handle raw credentials directly.
Audit Metadata