sessions
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
@membranehq/clivianpxto perform operations like logging in, searching for connectors, and executing API actions. These commands are standard for the vendor's platform and do not involve unauthorized privilege escalation or persistence. - [EXTERNAL_DOWNLOADS]: The skill instructs the agent to use
npx @membranehq/cli@latest, which fetches the latest version of the Membrane CLI from the NPM registry. This is an expected behavior for a skill designed to work with the Membrane ecosystem. - [DATA_EXFILTRATION]: While the skill mentions the storage of credentials in
~/.membrane/credentials.json, this is described in the context of standard local configuration for the CLI tool. No patterns were detected indicating that these credentials or other sensitive data are sent to unauthorized external domains.
Audit Metadata