oysterhr
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes the
@membranehq/clipackage, which is a resource owned and maintained by the vendor (membranedev). The installation and usage of this CLI tool are consistent with the skill's stated purpose of managing OysterHR data via the Membrane platform. - [SAFE]: The skill explicitly advises against asking users for API keys or secrets, instructing the agent to use Membrane's server-side connection management. This is a recommended security practice to prevent local credential exposure.
- [SAFE]: No instances of prompt injection, obfuscation, or unauthorized data exfiltration were detected. The skill's behavior is transparent and aligns with its documentation.
Audit Metadata