broadridge
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage via NPM. This is a vendor-provided tool from the author (membranedev) used to manage connections and interact with the Broadridge API. - [COMMAND_EXECUTION]: Uses the
membraneCLI to perform operations such as logging in, creating connections, and running actions. These commands are standard for the tool's intended use and do not involve unauthorized privilege escalation or persistence. - [DATA_EXFILTRATION]: The skill instructs the user to use a managed connection service (Membrane) which handles authentication tokens server-side. This approach follows security best practices by avoiding the storage of sensitive API keys or secrets in local environment variables or code.
Audit Metadata