abstract-ip-geolocation-api
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry. This is a vendor-owned resource used for managing the lifecycle of the integration. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform several operations, including user authentication (membrane login), connection management (membrane connect), and executing API actions (membrane action run). These commands are standard for the tool's functionality. - [DATA_EXFILTRATION]: The skill routes API requests through a vendor-managed proxy. This architectural choice is designed to handle authentication tokens server-side, preventing the exposure of sensitive API keys in the local environment or agent logs.
Audit Metadata