amadeus
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill involves the installation of the '@membranehq/cli' package from the NPM registry. This is a verified vendor-owned resource (membranedev) required for the skill's functionality.
- [COMMAND_EXECUTION]: The skill uses various 'membrane' CLI commands such as 'membrane login', 'membrane connect', and 'membrane action run'. These are standard operational commands for interacting with the Membrane platform and do not involve unauthorized privilege escalation or persistence mechanisms.
- [DATA_EXFILTRATION]: No sensitive data access or exfiltration patterns were detected. The skill specifically promotes a connection-based authentication model that keeps credentials managed on the server-side rather than in local files or prompts.
Audit Metadata