vend
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation includes instructions to install the @membranehq/cli package from the official NPM registry. This is the legitimate tool provided by the platform vendor for interacting with their services.
- [COMMAND_EXECUTION]: The instructions involve executing various membrane CLI commands for logging in, connecting to the Vend service, and managing actions. These operations are standard for the platform's workflow and do not involve arbitrary or malicious shell execution.
Audit Metadata