pangea
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references and installs the official Membrane CLI package (@membranehq/cli) from the public npm registry and links to official documentation for Pangea and Membrane. These are legitimate resources provided by the skill author.
- [COMMAND_EXECUTION]: The skill utilizes the membrane CLI for service authentication, action discovery, and execution. This is the intended core functionality and follows documented CLI interaction patterns.
- [CREDENTIALS_UNSAFE]: The skill explicitly advises against handling raw credentials (API keys or tokens) and instead directs the agent to use the platform's server-side connection management, which is a security best practice.
Audit Metadata