apex-27
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage via npm. This is a legitimate tool provided by the vendor for interacting with the Membrane platform. - [COMMAND_EXECUTION]: The skill provides instructions for using
membraneCLI commands to perform operations such as authentication, connection management, and running API actions. These are standard operations within the vendor's ecosystem. - [DATA_EXFILTRATION]: The skill utilizes a proxy mechanism (
membrane request) for API interactions. This approach is designed to handle sensitive authentication headers and credential refreshing on the server side, preventing the need to store or manage API keys locally within the agent's environment.
Audit Metadata