acuity-scheduling
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes the '@membranehq/cli' Node.js package. This is a vendor-provided tool used for managing the integration and handles authentication securely through the Membrane platform.
- [COMMAND_EXECUTION]: The skill instructions involve running 'membrane' CLI commands. These commands are used to interact with the Acuity Scheduling API and do not involve arbitrary or unauthorized command execution.
- [CREDENTIALS_UNSAFE]: The skill explicitly adheres to security best practices by delegating credential management to the Membrane platform, ensuring that no API keys or tokens are stored locally or requested from the user.
- [PROMPT_INJECTION]: No evidence of prompt injection or bypass instructions was found in the skill content.
- [DATA_EXFILTRATION]: There are no indicators of unauthorized data exposure or exfiltration. Network operations are limited to the intended service integration via the vendor's CLI.
Audit Metadata