bloomreach
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry. This is the official tool maintained by the skill author for interacting with their platform. - [COMMAND_EXECUTION]: The skill uses various
membraneCLI commands to authenticate, manage connections, and execute actions on BloomReach. These operations are restricted to the intended functionality of the integration. - [DATA_EXPOSURE]: The skill explicitly advises against asking users for API keys or tokens, instructing the agent to use the platform's connection system to handle credentials server-side.
Audit Metadata