supercast
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the official NPM registry. This is a standard procedure for using the vendor's tools and does not involve untrusted sources. - [COMMAND_EXECUTION]: The instructions involve executing commands via the
membraneCLI to authenticate, connect to services, and run actions. These operations are within the scope of the skill's documented purpose for managing Supercast data. - [CREDENTIALS_UNSAFE]: The skill explicitly advises against asking users for API keys or tokens, directing the agent to use Membrane's secure connection management instead. This is a positive security practice.
- [SAFE]: No evidence of prompt injection, obfuscation, data exfiltration, or malicious persistence mechanisms was found in the analyzed file.
Audit Metadata