citadel-id
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the
@membranehq/clipackage globally via npm. It also utilizesnpxto execute the latest version of the CLI for action discovery. These are standard procedures for interacting with the Membrane integration platform. - [COMMAND_EXECUTION]: The skill demonstrates how to use the
membraneCLI to manage user login, search for connectors, and run actions. These commands are typical for the stated purpose of the skill and do not involve unauthorized or suspicious system modifications. - [SAFE]: The skill implements secure credential management by instructing the agent to use Membrane's connection system rather than requesting or storing raw API keys or secrets locally.
- [SAFE]: The skill interacts with the Citadel ID API through the
membrane requestcommand. This represents a data ingestion surface common to integration skills. No malicious manipulation or exfiltration patterns were identified. - Ingestion points: Data returned from
membrane action runandmembrane requestcommands. - Boundary markers: No specific delimiters are defined in the instructions for handling API responses.
- Capability inventory: The skill utilizes the
membraneCLI for network communication and integration management. - Sanitization: The skill relies on the Membrane platform's internal handling and does not specify additional local sanitization logic.
Audit Metadata