timebuzzer
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the public npm registry. This is the official command-line interface for the Membrane platform, which is the vendor's own infrastructure. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform various operations, including authentication (membrane login), connecting to services (membrane connect), and executing integration actions (membrane action run). These are standard operational commands for the described functionality. - [CREDENTIALS_SAFE]: The skill explicitly advises against asking users for API keys or tokens, directing them to use Membrane's connection management instead. This is a positive security practice that prevents sensitive credentials from being exposed in the agent's logs or context.
Audit Metadata