verve
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the user to install the
@membranehq/clipackage from the NPM registry. This is an official utility provided by the vendor to facilitate interaction with their platform. - [COMMAND_EXECUTION]: Contains instructions for running CLI commands to manage connections and execute actions. These commands (
membrane login,membrane connect,membrane action run) are used to interface with the Membrane integration service. - [CREDENTIALS_UNSAFE]: Demonstrates positive security posture by explicitly instructing the agent never to ask users for API keys or tokens, instead relying on the platform's internal connection manager to handle authentication lifecycles.
Audit Metadata