swagup
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry. This is the official command-line interface provided by the vendor (Membrane) for managing integrations. - [COMMAND_EXECUTION]: The skill operates by executing
membraneCLI commands to perform tasks such as authentication, searching for actions, and running API calls. These are standard operations for this skill's intended purpose. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill explicitly instructs the agent to let Membrane handle credentials server-side, avoiding the need to ask for or store sensitive API keys locally in the prompt context.
Audit Metadata