appcues
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the Membrane CLI (@membranehq/cli) via npm. This is a legitimate tool provided by the skill's vendor (membranedev) to facilitate secure integrations.
- [COMMAND_EXECUTION]: Includes CLI commands for authentication (membrane login), connection management (membrane connect), and action execution (membrane action run). These are standard operational commands for the documented integration.
- [DATA_EXFILTRATION]: Utilizes a proxy request mechanism (membrane request) that routes Appcues API calls through the Membrane service. This ensures that sensitive credentials are not handled locally by the agent and follow secure transmission practices.
Audit Metadata