pointerpro
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli global package from the official NPM registry, which is a standard procedure for using the vendor's platform tools.
- [COMMAND_EXECUTION]: It utilizes shell commands to interact with the Membrane CLI for account authentication (membrane login), service connection (membrane connect), and running tasks (membrane action run).
- [REMOTE_CODE_EXECUTION]: The skill leverages the Membrane platform's capability to dynamically create and execute logic (membrane action create/run) on remote infrastructure based on natural language descriptions, which is the intended core functionality of the service.
- [CREDENTIALS_UNSAFE]: The skill demonstrates positive security posture by explicitly instructing the agent to never ask for or store API keys or tokens, instead using Membrane connections to manage the authentication lifecycle server-side.
Audit Metadata