ifood
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user to install the
@membranehq/clitool globally via the NPM registry. This is a vendor-provided package required for the skill to communicate with the iFood integration platform. - [COMMAND_EXECUTION]: Shell commands are used extensively via the
membraneCLI to manage authentication (membrane login), create connections to iFood (membrane connect), and perform data operations (membrane action run). This is the primary mechanism for the skill's functionality. - [CREDENTIALS_UNSAFE]: The skill promotes secure credential management by instructing the agent to never request API keys or tokens from the user, instead relying on Membrane's server-side connection management.
Audit Metadata