oksign
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes the
@membranehq/clipackage for API interactions, which is an official tool from the vendor and is hosted on a well-known registry (NPM). - [SAFE]: Authentication is handled securely through the
membrane loginflow, which uses browser-based OAuth or a headless code completion method, ensuring no sensitive credentials like API keys are stored in plain text or hardcoded in the skill. - [SAFE]: All network operations and API requests are routed through the Membrane platform's proxy or pre-built actions, which manage authentication headers and token refreshes server-side.
- [SAFE]: Documentation links point to the official developer resources for the integrated service (esign.com) and the vendor's own domains.
Audit Metadata