privyr
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry. This is the official command-line interface provided by the vendor (membranedev) to interact with their services. - [COMMAND_EXECUTION]: The instructions involve running the
membraneCLI to perform various tasks such as authentication, listing actions, and running integrations. These commands are restricted to the vendor's ecosystem. - [CREDENTIALS_UNSAFE]: The skill explicitly advises against asking users for API keys or tokens. It uses a managed 'connection' system where the platform handles the authentication lifecycle server-side, reducing the risk of credential exposure.
Audit Metadata