faceup
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the
@membranehq/clipackage globally via npm. This is the official command-line tool for the Membrane platform, provided by the skill vendor to manage integrations and authentication. - [COMMAND_EXECUTION]: Executes shell commands using the
membranebinary to perform administrative tasks, such as logging in, searching for connectors, and running API actions. This is the primary mechanism for the skill's functionality. - [CREDENTIALS_UNSAFE]: The skill documentation includes a section on best practices that explicitly instructs the agent to never ask the user for API keys or tokens, instead delegating credential management to the Membrane platform. This reduces the risk of credential leakage in the agent's context.
Audit Metadata