alight-solutions
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package via npm. This is a legitimate vendor-provided tool necessary for the skill's functionality.
- [COMMAND_EXECUTION]: The skill instructs the agent to use the membrane CLI to perform authentication, discover actions, and execute requests against the Alight Solutions API. All commands are well-documented and restricted to the intended integration scope.
- [SAFE]: No malicious patterns such as prompt injection, data exfiltration, or obfuscation were detected. The skill correctly delegates credential management to a secure external platform.
Audit Metadata