simplehash
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows security best practices by delegating credential management and authentication to a dedicated CLI tool (@membranehq/cli), preventing the need for the agent to handle sensitive API keys directly.- [EXTERNAL_DOWNLOADS]: The skill recommends installing the Membrane CLI from the official npm registry. As this is a first-party tool from the skill's author (membrane), it is considered a legitimate dependency.- [METADATA_POISONING]: There is a minor discrepancy in the frontmatter description which mentions CRM entities (Deals, Persons, Organizations) while the skill body correctly describes SimpleHash as an NFT intelligence platform. This appears to be a documentation template error rather than a malicious attempt to deceive.
Audit Metadata