asure-software
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage. This is a legitimate tool provided by the vendor (membranedev) to facilitate communication with the Membrane service. - [COMMAND_EXECUTION]: The skill utilizes the
membranecommand-line utility to perform actions such as searching for connectors, connecting to the API, and running queries. These commands are part of the intended integration workflow. - [DATA_EXFILTRATION]: Data is transferred between the local environment and Asure Software via Membrane's proxy. This is the primary purpose of the skill, and authentication is handled securely server-side without requiring hardcoded API keys or local token storage.
Audit Metadata