motion
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or unauthorized data access attempts were detected in the skill instructions.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage from the official NPM registry. This is a standard installation procedure for the vendor's own tooling and does not constitute a security risk. - [COMMAND_EXECUTION]: The instructions utilize the
membranecommand-line interface to facilitate authentication and API interactions with Motion. These commands are consistent with the skill's stated purpose of project management integration. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill explicitly advises against asking users for API keys or tokens, instead utilizing a connection-based authentication model managed by the vendor service, which is a security best practice.
Audit Metadata