whaly
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli package from the NPM registry. This is a trusted vendor resource used to facilitate the integration.
- [COMMAND_EXECUTION]: The skill uses the membrane CLI to manage authentication and execute actions on the Whaly platform. These operations are restricted to the vendor's managed environment.
- [INDIRECT_PROMPT_INJECTION]: User-provided strings are used to search for or create actions via the CLI. This behavior is inherent to the skill's purpose and does not bypass security controls.
Audit Metadata