dronahq
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official Membrane CLI (
@membranehq/cli) from the npm registry. This is a legitimate tool provided by the vendor for interacting with their platform. - [COMMAND_EXECUTION]: Uses
membraneCLI commands to perform operations like logging in, searching for connectors, and running actions. These commands are standard for the integration and are executed within the context of the user's authorized environment. - [DATA_EXFILTRATION]: Authentication and data requests are routed through the Membrane proxy. This approach avoids hardcoding secrets or exposing sensitive tokens within the skill's logic, as the platform manages the auth lifecycle server-side.
Audit Metadata