security-journey
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the official NPM registry. This is a first-party tool used by the author (membranedev) to facilitate secure communication with the underlying services. - [COMMAND_EXECUTION]: The skill utilizes several terminal commands (
membrane login,membrane connect,membrane action) to perform its primary functions. These commands are part of the intended workflow for managing integrations through the vendor's platform. - [SAFE]: The skill demonstrates a strong security posture by delegating sensitive credential management to the Membrane platform. It uses a secure login flow and includes specific instructions to avoid manual token handling, which reduces the risk of credential exposure.
Audit Metadata