klaviyo
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage from the official NPM registry. This is a standard dependency for the platform's operation and originates from the recognized vendor. - [COMMAND_EXECUTION]: The skill uses local shell commands to interact with the Membrane CLI. These commands are used for legitimate purposes such as logging in, connecting to Klaviyo, and searching for or running automation actions.
- [CREDENTIALS_UNSAFE]: The skill follows security best practices by explicitly advising against hardcoding or requesting API keys. Instead, it utilizes Membrane's centralized connection management to handle authentication tokens securely on the server side.
Audit Metadata