veracode
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official
@membranehq/clipackage from the NPM registry. This is a trusted vendor resource provided by the skill author to facilitate interaction with the Membrane platform.\n- [COMMAND_EXECUTION]: The skill uses legitimate CLI commands (membrane login,membrane connect,membrane action run) to manage integrations. These commands are part of the intended functionality for interacting with Veracode through the Membrane environment.\n- [CREDENTIALS_UNSAFE]: The skill follows security best practices by not requesting or hardcoding API keys. It uses themembrane loginworkflow which handles credentials securely and server-side.\n- [DATA_EXFILTRATION]: No suspicious data exfiltration patterns were detected. The skill uses the Membrane CLI to securely proxy requests to the Veracode API.
Audit Metadata