sevdesk
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry. This is a vendor-provided tool used to interact with the Membrane platform and handle API communication. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI tool to perform operations such as logging in, connecting to SevDesk, and executing actions. These commands are part of the standard operating procedure for the Membrane ecosystem. - [DATA_EXFILTRATION]: The skill explicitly advises against asking users for API keys or tokens, instead utilizing the platform's connection management system to handle authentication server-side. This reduces the risk of credential exposure.
- [REMOTE_CODE_EXECUTION]: The
membrane action createcommand triggers the remote building of an integration action on the Membrane platform based on a natural language description. This is a core feature of the service and does not involve local dynamic execution of untrusted code.
Audit Metadata