procore
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends the use of the '@membranehq/cli' package from npm, which is an official tool from the skill's author to manage API interactions.\n- [CREDENTIALS_UNSAFE]: Implements secure authentication via Membrane's connection management, avoiding the risks associated with hardcoded credentials or user-provided tokens.\n- [PROMPT_INJECTION]: As a data-processing tool, the skill has an ingestion surface for external content from Procore.\n
- Ingestion points: Project management data fetched via the 'membrane' CLI.\n
- Boundary markers: Absent from the skill instructions.\n
- Capability inventory: Access to Procore actions for reading and updating construction records.\n
- Sanitization: Not specified within the skill documentation.
Audit Metadata