jobdiva
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official Membrane CLI (
@membranehq/cli) from the standard npm registry. This is a vendor-owned resource for 'membranedev' and is considered a safe dependency for the skill's functionality. - [CREDENTIALS_UNSAFE]: The skill explicitly promotes secure credential management, instructing the agent to never ask users for API keys and instead use Membrane's connection system which handles authentication and token refresh server-side.
- [COMMAND_EXECUTION]: Provides standard command-line examples using the
membraneCLI to interact with the JobDiva API. These commands are scoped to the intended purpose of the skill (managing recruitment data) and do not include suspicious or unauthorized system operations. - [DATA_EXFILTRATION]: Network operations are performed through the Membrane proxy to the official JobDiva API. There is no evidence of unauthorized data transfer to untrusted third-party domains.
Audit Metadata