tray
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
membranecommand-line interface to perform all integration tasks, including authentication, connection management, and executing Tray actions. - [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage via npm. This is a vendor-owned tool (membranedev) required for the integration logic. - [CREDENTIALS_SAFE]: The skill follows security best practices by explicitly instructing the agent to never ask the user for API keys or tokens, instead delegating authentication lifecycle management to the Membrane platform.
Audit Metadata