snapscan
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows security best practices by delegating credential management to the Membrane platform instead of asking users for secrets or storing them locally.
- [EXTERNAL_DOWNLOADS]: Installs the @membranehq/cli package from the public NPM registry. This tool is provided by the same vendor as the skill and is required for its functionality.
- [COMMAND_EXECUTION]: Utilizes the membrane CLI to perform operations like listing connections and running actions. These are legitimate administrative tasks for this integration.
- [SAFE]: Employs a secure authentication flow that keeps user credentials isolated from the agent's environment and logic.
Audit Metadata