flespi
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user or agent to install the Membrane CLI (
@membranehq/cli) from the official npm registry. This is the vendor's own tooling used for the skill's primary purpose. - [COMMAND_EXECUTION]: The skill utilizes the
membranecommand-line tool to perform various operations, including authentication, service discovery, and API interactions. These commands are part of the intended integration workflow. - [DATA_EXFILTRATION]: The skill instructions explicitly advise against asking users for API keys or tokens, directing the agent to use Membrane's server-side credential management instead. This reduces the risk of sensitive credential exposure in the local environment.
Audit Metadata