socket
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the Membrane CLI tool via NPM (
@membranehq/cli). This is a legitimate tool provided by the vendor (membranedev) for interacting with their platform. - [COMMAND_EXECUTION]: The skill uses shell commands (
membrane login,membrane connect,membrane action run) to manage integrations and execute actions. These are the primary intended functions of the skill for workflow automation. - [CREDENTIALS_UNSAFE]: The skill follows security best practices by instructing the agent to never ask the user for API keys or tokens, instead utilizing Membrane's server-side credential management system.
- [DATA_EXPOSURE]: No sensitive local file access or unauthorized data exfiltration patterns were detected. Network operations are directed towards the Socket platform and Membrane's infrastructure.
Audit Metadata