statuspage
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Membrane CLI (
membrane) to perform operations such as logging in, connecting to services, and executing remote actions. These commands are part of the intended integration workflow for the vendor's platform. - [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the vendor's official command-line tool using
npm install -g @membranehq/cli@latest. This is a standard installation procedure for the service provided by the author. - [REMOTE_CODE_EXECUTION]: The skill manages and runs 'actions' on the Membrane platform via
membrane action run. While this involves executing logic hosted remotely, it is the primary purpose of the skill and occurs within the vendor's controlled environment. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill explicitly recommends letting Membrane handle credentials server-side rather than asking users for API keys, which is a positive security practice that prevents local credential exposure.
Audit Metadata