vectara
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the Membrane CLI tool using 'npm install -g @membranehq/cli@latest'. This is a standard procedure for installing the vendor's official command-line interface.
- [COMMAND_EXECUTION]: The skill utilizes the 'membrane' CLI to perform operations such as authentication, connection management, and action execution. These commands are necessary for the skill's functionality and are executed within the user's environment to interact with the vendor's platform.
- [CREDENTIALS_UNSAFE]: The skill follows security best practices by utilizing an interactive login flow ('membrane login') rather than asking for hardcoded API keys or secrets. It explicitly advises users to let the platform handle credentials and never ask for tokens directly.
Audit Metadata