shotstack
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally via npm. This is a standard installation procedure for the vendor's command-line interface. - [COMMAND_EXECUTION]: The skill uses various
membraneCLI commands to perform authentication (membrane login), connection management (membrane connect), and action execution (membrane action run). These are the primary methods for interacting with the platform and are consistent with the skill's stated purpose. - [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were detected. The skill uses Membrane's server-side connection management to handle authentication tokens, avoiding the need for hardcoded local secrets or API keys.
- [PROMPT_INJECTION]: No malicious prompt injection or behavior override instructions were found in the skill metadata or body.
Audit Metadata