ashby
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for using the
@membranehq/clito manage Ashby data. These commands are standard for the vendor's integration workflow and do not include any suspicious, obfuscated, or unauthorized shell operations. - [EXTERNAL_DOWNLOADS]: The skill recommends the installation of the
@membranehq/clipackage from the npm registry. This is a legitimate vendor-owned tool required for the skill's documented functionality. - [CREDENTIALS_UNSAFE]: The documentation explicitly advises against hardcoding or manually entering API keys, instead promoting the use of Membrane's secure server-side connection system for all authentication needs.
Audit Metadata