contrast-security
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation guide for using the Membrane CLI to interact with Contrast Security. It does not contain malicious code or hidden instructions.
- [EXTERNAL_DOWNLOADS]: The skill references the installation of the
@membranehq/clipackage via NPM. This is an official package associated with the vendor and is a standard part of the tool's setup process. - [CREDENTIALS_UNSAFE]: No hardcoded credentials or sensitive files are accessed. The skill explicitly promotes secure credential handling by advising the agent never to ask the user for API keys and to use the platform's server-side connection management instead.
- [COMMAND_EXECUTION]: The skill describes the use of CLI commands (e.g.,
membrane action run) to perform tasks. These are standard operations for a CLI-based integration and are used as intended for the primary skill purpose.
Audit Metadata