fonoa
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clitool from the official npm registry. This is a trusted vendor package used to interact with the Membrane platform. - [COMMAND_EXECUTION]: Employs the
membraneCLI to manage connections, search for actions, and execute tax-related workflows. These operations are within the expected scope of a Fonoa integration skill. - [CREDENTIALS_UNSAFE]: Adheres to security best practices by delegating credential management and token refresh to the Membrane platform, specifically advising against asking users for manual API keys.
Audit Metadata