sevdesk

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the NPM registry. This is a vendor-provided tool used to interact with the Membrane platform and handle API communication.
  • [COMMAND_EXECUTION]: The skill uses the membrane CLI tool to perform operations such as logging in, connecting to SevDesk, and executing actions. These commands are part of the standard operating procedure for the Membrane ecosystem.
  • [DATA_EXFILTRATION]: The skill explicitly advises against asking users for API keys or tokens, instead utilizing the platform's connection management system to handle authentication server-side. This reduces the risk of credential exposure.
  • [REMOTE_CODE_EXECUTION]: The membrane action create command triggers the remote building of an integration action on the Membrane platform based on a natural language description. This is a core feature of the service and does not involve local dynamic execution of untrusted code.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 12:06 PM
Security Audit — agent-trust-hub — sevdesk