jibble
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official Membrane CLI (
@membranehq/cli) globally via npm. This is a standard installation for the vendor's tool and originates from the legitimate author namespace. - [CREDENTIALS_UNSAFE]: The skill adheres to security best practices by explicitly instructing the agent never to ask the user for API keys or tokens. Instead, it utilizes
membrane connectto manage the authentication lifecycle server-side. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform operations. These commands (login,connect,action list,action run) are restricted to the intended functionality of the integration and do not involve arbitrary shell execution or suspicious parameters. - [DATA_EXFILTRATION]: Network activity is restricted to the official Jibble documentation site and the vendor's own CLI operations for integration management. There are no patterns indicating unauthorized data transit to third-party domains.
Audit Metadata