freeagent
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the official npm registry. This is a vendor-owned tool (membranedev) used to facilitate interaction with the Membrane platform.- [COMMAND_EXECUTION]: It uses themembraneCLI to perform authentication, discover available actions, and execute operations against FreeAgent. The tool manages the full OAuth2 lifecycle server-side, which is a security best practice for credential management.- [DATA_EXFILTRATION]: No malicious data exfiltration patterns were detected. The skill explicitly instructs the agent to use managed connections and avoid asking users for raw API keys or tokens.
Audit Metadata