hellosign
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the user to install the '@membranehq/cli' package from the public npm registry. This is a standard installation of the vendor's own command-line tool used to facilitate the integration.- [COMMAND_EXECUTION]: The skill utilizes the 'membrane' CLI to perform operations such as authentication, connection management, and executing API actions. These commands are part of the intended functionality for interacting with the HelloSign service through the Membrane ecosystem.- [SAFE]: No evidence of prompt injection, credential exposure, or malicious persistence was found. The skill follows security best practices by delegating credential management to the Membrane platform instead of handling raw API keys.
Audit Metadata