turbot-pipes
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the
@membranehq/clipackage from the official NPM registry. This is a vendor-owned resource (Membrane) used to provide the underlying infrastructure for the skill's operations. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to manage Turbot Pipes connections and execute API actions. This approach is secure as it delegates credential management and authentication refreshes to the Membrane platform rather than handling sensitive API keys directly within the skill.
Audit Metadata