metricfire
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official Membrane CLI tool using
npm install -g @membranehq/cli@latest. This is a vendor-owned package from the official npm registry. - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line utility to perform administrative tasks such as logging in, creating connections, and executing actions. These commands are part of the intended workflow for the Membrane platform. - [DYNAMIC_EXECUTION]: The
membrane action createcommand allows the platform to generate new integration code based on natural language descriptions provided by the user. This dynamic generation occurs within the vendor's infrastructure. - [SAFE]: The skill adheres to security best practices by explicitly instructing the user and agent not to request or handle raw API keys, delegating credential management to the platform's connection system.
Audit Metadata