retailed
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the public npm registry. This is the official command-line interface provided by the skill's author to manage integrations. - [COMMAND_EXECUTION]: Uses the
membranecommand-line tool to perform actions such as logging in, connecting to services, and running data operations. These commands are necessary for the skill's stated purpose of managing Retailed data. - [DATA_EXFILTRATION]: The skill transmits data between the user's environment and the Retailed platform through the Membrane service. Authentication is handled server-side or via official OAuth flows, minimizing the exposure of raw credentials.
- [PROMPT_INJECTION]: Evaluated for indirect prompt injection risks as the skill processes data from an external API (Retailed). While it lacks explicit output delimiters, the capabilities are scoped to the authenticated Membrane environment.
Audit Metadata