callrail
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the official NPM registry. This is a standard and expected dependency for interacting with the Membrane platform described in the skill metadata. - [COMMAND_EXECUTION]: The skill relies on the
membranecommand-line tool to manage connections and execute API actions. These commands are used to facilitate the intended integration with CallRail and do not involve suspicious or obfuscated parameters. - [CREDENTIALS_UNSAFE]: The documentation explicitly directs the agent to avoid requesting raw API keys or tokens from the user. Instead, it uses the platform's secure connection management system, which is a positive security pattern.
Audit Metadata