waydev
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation instructs users to install the
@membranehq/clipackage from the NPM registry. This is an expected dependency for tools provided by the 'membranedev' vendor. - [COMMAND_EXECUTION]: The instructions utilize the Membrane CLI (
membraneandnpx @membranehq/cli) to facilitate authentication, connection management, and the execution of engineering intelligence reports. - [SAFE]: No evidence of obfuscation, data exfiltration, or malicious persistence was found. The skill explicitly promotes secure development practices by advising against the manual handling of API keys and tokens.
Audit Metadata