teamtailor
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install
@membranehq/clifrom the official NPM registry. This package is the primary interface for the vendor's platform. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform administrative and data tasks (login, connect, run). These commands are standard for the tool's operation and do not involve arbitrary shell injection. - [DATA_EXFILTRATION]: Network access is used to interact with the Teamtailor API (developers.teamtailor.com) and the Membrane platform (getmembrane.com). No unauthorized data exfiltration or suspicious network destinations were found.
- [CREDENTIALS_UNSAFE]: The skill avoids hardcoded secrets and explicitly instructs the agent and user to manage credentials through the platform's secure connection flow rather than handling raw tokens or API keys.
- [SAFE]: No signs of prompt injection, obfuscation, or persistence mechanisms were detected. The skill's behavior aligns with its documented purpose.
Audit Metadata