duo-security
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage via npm. This is a vendor-provided tool for the Membrane platform. - [COMMAND_EXECUTION]: The skill uses various
membraneCLI commands (login, search, connect, action run) to interact with Duo Security. These commands are executed locally to manage integrations. - [DATA_EXPOSURE]: No hardcoded credentials or sensitive file access patterns were found. The skill explicitly recommends letting Membrane handle credentials server-side to avoid local secret exposure.
Audit Metadata