smartreach
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clitool from the NPM registry. This is the official command-line interface provided by the vendor (membranedev) to interact with their platform services. - [COMMAND_EXECUTION]: The skill utilizes shell commands via the
membraneCLI to perform various tasks, including logging in, creating connections, searching for actions, and executing them. This is the intended mechanism for the skill's functionality. - [DATA_EXFILTRATION]: No unauthorized data access or exfiltration patterns were detected. The skill explicitly follows best practices by instructing the agent to never ask the user for API keys or tokens, relying instead on the platform's secure authentication management.
- [PROMPT_INJECTION]: The skill provides clear instructions for the agent to use structured commands and does not contain any patterns attempting to bypass safety filters or override system instructions.
Audit Metadata