shipstation
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation guides users to install the
@membranehq/clipackage from the NPM registry. This is a legitimate tool provided by the skill's author (membranedev) to facilitate communication with their platform. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform various operations, including account authentication (membrane login), connection management (membrane connect), and executing ShipStation-specific actions (membrane action run). These commands are standard for the intended integration logic. - [DATA_EXFILTRATION]: The skill is designed to retrieve and process data from the ShipStation API, such as orders, shipments, and customer information. This data flow is the primary purpose of the skill and is handled through the vendor's authenticated proxy to ensure secure transit.
Audit Metadata