finch
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clitool from the npm registry, which is the official package for interacting with the author's platform.\n- [COMMAND_EXECUTION]: Interaction with the Finch API is performed through standard Membrane CLI commands, ensuring that sensitive operations like token refresh and proxying are handled by a managed environment.\n- [DATA_EXFILTRATION]: Access to Finch data is constrained to the user's connection and managed through the Membrane proxy, preventing local exposure of sensitive credentials or unauthorized data routing.
Audit Metadata