fena
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally via npm. This package is provided by the skill's author and is necessary for the intended functionality. - [COMMAND_EXECUTION]: The skill utilizes several CLI commands (
membrane login,membrane connect,membrane action run,membrane request) to manage authentication and interact with the Fena API. These commands are part of the core functionality of the Membrane integration platform. - [DATA_EXPOSURE_AND_EXFILTRATION]: While the skill facilitates data interaction with the Fena API, it uses a managed proxy service (Membrane) to handle credentials and authentication headers, which is a recommended security practice to avoid local secret exposure.
Audit Metadata