Skills
skills/membranedev/application-skills/open-exchange-rates/Gen Agent Trust Hub

open-exchange-rates

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to manage connections, search for actions, and execute API calls. This is the intended behavior for integrating with the Membrane platform.
  • [EXTERNAL_DOWNLOADS]: Includes instructions to install the @membranehq/cli package from the official NPM registry. This package belongs to the vendor's toolchain and is necessary for the skill's functionality.
  • [CREDENTIALS_UNSAFE]: The skill documentation explicitly warns against asking for user API keys or tokens. It leverages a managed authentication flow (membrane connect), which is a secure alternative to hardcoding or manually handling credentials.
  • [SAFE]: Analysis of the skill instructions and metadata revealed no evidence of prompt injection, obfuscation, persistence mechanisms, or unauthorized data exfiltration.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 11:35 PM
Security Audit — agent-trust-hub — open-exchange-rates