sps-commerce
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install
@membranehq/clifrom the official NPM registry. This is a legitimate utility provided by the vendor to facilitate API interactions. - [COMMAND_EXECUTION]: Various CLI commands are utilized (e.g.,
membrane login,membrane connect,membrane action run) to interact with the SPS Commerce service. These commands are part of the intended functionality for managing supply chain data. - [SAFE]: The skill follows security best practices by utilizing a third-party platform (Membrane) to handle OAuth and credential management, reducing the risk of accidental secret exposure. No malicious code, obfuscation, or unauthorized data access patterns were identified.
Audit Metadata