slybroadcast
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the npm registry. This is a legitimate utility provided by the platform (Membrane) to facilitate secure interactions with external APIs. - [COMMAND_EXECUTION]: The skill guides the agent to use shell commands (via the
membraneCLI) to manage API connections and execute actions. This is the intended operational model of the skill and does not involve arbitrary or malicious command injection. - [CREDENTIALS_UNSAFE]: The skill demonstrates best practices for credential safety. It explicitly instructs the agent to never ask the user for API keys or tokens, instead using a 'connection' model where the Membrane platform manages the authentication lifecycle server-side.
- [DATA_EXFILTRATION]: All network operations are directed through the Membrane platform or the official Slybroadcast API documentation site. There are no patterns indicating unauthorized data transfer to untrusted third-party domains.
Audit Metadata