simplero
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally via NPM. This is a legitimate tool provided by the vendor for managing integrations. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform operations such as searching for connectors, running actions, and proxying API requests to Simplero. These are intended functional behaviors of the skill. - [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were detected. All network requests are proxied through Membrane, which manages authentication and API interaction securely.
- [CREDENTIALS_UNSAFE]: The skill follows security best practices by using Membrane's managed authentication instead of asking for or hardcoding API keys.
Audit Metadata