yugabyte
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage via NPM, which is an official tool provided by the vendor for managing the integration. - [COMMAND_EXECUTION]: Usage of the
membranecommand-line tool is required to authenticate and interact with YugabyteDB, which is the intended and documented behavior for this skill. - [CREDENTIALS_UNSAFE]: The skill promotes security best practices by using a delegated authentication model through the Membrane CLI, ensuring that sensitive credentials like API keys are not stored locally or hardcoded.
Audit Metadata