proofpoint
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/cliNode.js package from the official npm registry. This is a vendor-owned tool used to interact with the Membrane platform. - [COMMAND_EXECUTION]: Uses local shell commands to manage the integration through the
membraneCLI. This includes commands for authentication (membrane login), connection management (membrane connect), and executing integration tasks (membrane action run). - [REMOTE_CODE_EXECUTION]: Utilizes
membrane action create, which generates integration logic on the Membrane platform based on a natural language description. This is a core feature of the documented service and operates within the platform's managed environment. - [CREDENTIALS_UNSAFE]: The skill explicitly follows best practices by directing the agent to use Membrane's connection system rather than requesting or storing raw API keys or tokens locally.
Audit Metadata