megaventory
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage globally via npm. This is the official CLI tool provided by the vendor (Membrane) to manage the integration's lifecycle and authentication. - [COMMAND_EXECUTION]: The skill uses various
membranecommands to authenticate (membrane login), manage connections (membrane connect), and execute inventory actions (membrane action run). These commands are standard operations within the Membrane environment and do not pose a security risk. - [CREDENTIALS_UNSAFE]: The skill follows security best practices by explicitly advising against manual API key handling. It delegates credential management to the Membrane platform, which handles authentication tokens server-side.
Audit Metadata