momentive
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs users to install the
@membranehq/clipackage from the NPM registry. This package is the official command-line interface for the Membrane platform, used here to facilitate the integration. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform operational tasks such as logging in, connecting to the Momentive service, and discovering or running actions. These commands are necessary for the skill's stated purpose of managing survey data. - [DATA_EXFILTRATION]: The skill communicates with the vendor's domain (
getmembrane.com) to manage connections and execute actions. This is the intended channel for authentication and action execution, following security best practices by delegating credential management to the platform rather than requesting local secrets.
Audit Metadata