thoughtly
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the public NPM registry. This is a standard procedure for installing the necessary command-line tools for the integration. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform various tasks such as authentication, listing connections, and running actions. These operations are core to the skill's functionality and are performed through the vendor's official tool. - [CREDENTIALS_UNSAFE]: The skill explicitly advises against asking the user for API keys or tokens, recommending instead that credentials be managed via Membrane's server-side connection lifecycle.
Audit Metadata