shipday
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage via npm. This is the official command-line interface provided by the vendor (Membrane) and is a standard procedure for this integration. - [COMMAND_EXECUTION]: The instructions involve executing various
membraneCLI commands for logging in, connecting to services, and running actions. These operations are within the scope of the skill's intended functionality and do not exhibit malicious intent. - [CREDENTIALS_UNSAFE]: The skill demonstrates positive security practices by explicitly advising against requesting API keys or tokens from users, instead delegating credential management to the Membrane platform's server-side authentication lifecycle.
- [DATA_EXFILTRATION]: No unauthorized data transmission patterns were detected. All network communication with Shipday is brokered through the official Membrane infrastructure as described in the documentation.
Audit Metadata