affinity
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI via npm (
npm install -g @membranehq/cli). As '@membranehq' is the official namespace for the vendor 'membranedev', this is a legitimate vendor resource. - [COMMAND_EXECUTION]: The skill provides various
membraneCLI commands for authentication, searching connectors, and running actions. These commands are standard operations for the tool's intended purpose and do not perform unauthorized or hidden actions. - [DATA_EXPOSURE_&_EXFILTRATION]: No sensitive local files are accessed. The skill correctly advises users to let the platform handle credentials server-side rather than asking for API keys, which is a security best practice.
Audit Metadata