alchemer
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally via NPM. This is an official utility provided by the vendor (membrane) to facilitate tool interactions. - [COMMAND_EXECUTION]: The skill utilizes the
membranecommand-line tool to perform various operations, including searching for connectors, managing connections, and executing API actions against the Alchemer service. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill interacts with external survey data and contact lists. However, it implements a secure architecture where authentication and credential refreshing are managed by the Membrane platform, preventing the need for the agent to access or store sensitive API keys locally.
Audit Metadata