brandfetch
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes the Membrane platform to manage Brandfetch integrations. This approach centralizes authentication and avoids the need for hardcoded secrets or manual API key handling within the agent's logic, as explicitly mentioned in the best practices section.
- [EXTERNAL_DOWNLOADS]: Instructions include installing the
@membranehq/clipackage from the public NPM registry. This is a standard requirement for using the vendor's platform and CLI-based tools. - [COMMAND_EXECUTION]: The skill utilizes the
membranecommand-line utility for tasks such as authentication (membrane login), connection management (membrane connect), and executing actions. These are legitimate operations for the intended service functionality. - [DATA_EXFILTRATION]: While the skill interacts with external APIs, it does so through a controlled proxy mechanism (
membrane request) that manages authentication headers and connection lifecycles, reducing the risk of accidental credential exposure.
Audit Metadata