finmo
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill relies on the official CLI tool from the author (
@membranehq/cli) to facilitate interactions with the Finmo API. This is a standard and safe dependency for the skill's intended functionality. - [SAFE]: Authentication is performed using the
membrane logincommand, which uses a secure browser-based or headless authorization flow. This approach ensures that sensitive credentials like API keys or tokens are managed securely by the underlying platform rather than being hardcoded or handled directly by the agent. - [SAFE]: The instructions and command patterns are consistent with the stated purpose of the skill (managing Finmo mortgage data) and do not contain any obfuscation, data exfiltration patterns, or attempts to bypass security guidelines.
Audit Metadata