the-odds-api
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI tool (
@membranehq/cli) from the public NPM registry. This is a standard developer tool associated with the skill's authoring organization. - [COMMAND_EXECUTION]: The skill utilizes shell commands through the
membraneCLI to manage connections and execute API actions. These operations are within the scope of the skill's documented purpose for automating sports odds data workflows. - [CREDENTIALS_UNSAFE]: The instructions explicitly follow security best practices by advising against the use of raw API keys and instead utilizing Membrane's server-side connection management system for the authentication lifecycle.
- [DATA_EXFILTRATION]: No patterns of unauthorized data access or exfiltration were detected. All network communication is directed through the official Membrane platform as intended.
- [REMOTE_CODE_EXECUTION]: While the skill can 'create' actions via the Membrane platform, this refers to cloud-based action generation within the service's managed environment rather than arbitrary local code execution.
Audit Metadata