pdfmonkey
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI from the npm registry using
npm install -g @membranehq/cli@latest. This is a standard installation of a legitimate tool from the official vendor repository. - [COMMAND_EXECUTION]: Uses the
membranecommand-line utility to perform administrative and operational tasks such asmembrane login,membrane connect, andmembrane action run. These commands are used as intended for service integration and do not perform unauthorized system modifications. - [CREDENTIALS_UNSAFE]: Specifically advocates for security best practices by instructing the agent to never ask the user for API keys or tokens. Instead, it utilizes Membrane's centralized connection management to handle the authentication lifecycle server-side.
- [REMOTE_CODE_EXECUTION]: Includes a feature to dynamically create new actions on the Membrane platform using
membrane action create. While this involves generating logic at runtime, the execution occurs within the managed and isolated environment of the Membrane SaaS platform, not on the local host.
Audit Metadata