serply
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the npm registry. This package is an official tool provided by the vendor (membranedev) to interact with their platform services. - [COMMAND_EXECUTION]: The skill utilizes shell commands via the Membrane CLI to perform authentication, create connections, and execute actions. These commands are standard operations for the skill's intended functionality.
- [METADATA_POISONING]: A discrepancy exists between the YAML frontmatter description (which mentions CRM-style leads and deals) and the body content (which correctly describes Serply as an SEO keyword tracking tool). This appears to be a documentation template error and poses no security risk.
Audit Metadata