watsonx-ai
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage from the public npm registry. This is a vendor-owned CLI tool required for the skill's functionality. - [COMMAND_EXECUTION]: The skill uses various shell commands (
membrane login,membrane connect,membrane action list,membrane action run) to interact with the Membrane platform and IBM WatsonX AI. These commands are the intended way to use the skill. - [SAFE]: No malicious patterns such as prompt injection, obfuscation, or unauthorized data exfiltration were detected. The skill follows security best practices by delegating credential management to the Membrane platform instead of handling raw API keys.
Audit Metadata