gorgias
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage from the npm registry. This is the vendor's official command-line tool and is a standard dependency for this integration. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to perform operational tasks such as connecting to the service and running API actions. These commands are legitimate and required for the skill's stated purpose of managing Gorgias data. - [SAFE]: Authentication is handled via the
membrane connectworkflow, which redirects to a secure browser-based OAuth flow. This method ensures that no API keys or secrets are stored or exposed within the skill's instructions or the agent's environment.
Audit Metadata