reviewflowz
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: No malicious patterns such as prompt injection, data exfiltration, or obfuscation were detected within the skill content.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage via npm and usesnpxto run commands from the same package. These are official tools provided by the vendor ('membranedev') for interacting with their infrastructure and are considered safe within this context. - [SAFE]: The authentication process described utilizes the
membrane loginandmembrane connectflows, which avoid exposing sensitive credentials directly to the agent or local environment by handling them server-side.
Audit Metadata