servicem8
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI global package (
@membranehq/cli). This is a legitimate tool provided by the platform mentioned in the skill metadata and homepage.- [COMMAND_EXECUTION]: The skill uses shell commands to interact with themembraneCLI for authentication, connection management, and running actions. These operations are standard for the tool's integration logic and do not involve suspicious parameters or privilege escalation.- [CREDENTIALS_UNSAFE]: The skill explicitly advises against asking users for API keys or tokens, instead utilizing a managed connection system through the Membrane platform to handle OAuth/authentication securely.- [SAFE]: No evidence of prompt injection, data exfiltration, obfuscation, or persistence mechanisms was found. The skill's behavior aligns with its described purpose of managing ServiceM8 data.
Audit Metadata