originalityai
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: Installs the @membranehq/cli package from the npm registry and uses npx to run remote CLI tools, which are official utilities provided by the vendor.
- [DATA_EXPOSURE_AND_EXFILTRATION]: Utilizes Membrane's connection management system to handle authentication server-side, preventing the exposure or local storage of API keys and tokens during the agent's operation.
- [INDIRECT_PROMPT_INJECTION]: The skill uses natural language intents to search for and create integration actions, where the results returned by the platform are processed by the agent.
- Ingestion points: Data returned from membrane action list and membrane action get CLI commands.
- Boundary markers: None identified.
- Capability inventory: Execution of shell commands via the membrane action run utility.
- Sanitization: None identified.
Audit Metadata