new-sloth
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally using NPM. This is a standard installation of the vendor's official command-line interface tool. - [COMMAND_EXECUTION]: The instructions involve executing various
membraneCLI commands to log in, connect to services, and run actions. These operations are the primary function of the skill and are used to interact with the New Sloth platform. - [DATA_EXPOSURE]: The skill includes a 'Best practices' section that explicitly directs the agent to never ask the user for API keys or tokens, recommending the use of Membrane's connection system to manage credentials securely on the server.
Audit Metadata