toolset
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions include the installation of the official CLI package
@membranehq/clifrom the NPM registry. This is a standard and safe procedure for using the vendor's platform. - [COMMAND_EXECUTION]: The skill utilizes the
membranecommand-line interface to perform administrative tasks such as logging in, connecting to services, and executing actions. These are legitimate operations within the scope of the skill's intended purpose. - [CREDENTIALS_UNSAFE]: The documentation explicitly advises against asking for or handling raw API keys or tokens, directing the agent to use Membrane's built-in connection management. This is a robust security practice that minimizes the risk of credential exposure.
- [REMOTE_CODE_EXECUTION]: While the skill allows for the dynamic creation and execution of 'actions' through the Membrane platform, these operations are handled server-side by the service provider and do not involve the execution of untrusted local scripts or piped remote payloads.
Audit Metadata