kong
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references and installs the
@membranehq/clipackage from the official npm registry. This is a standard and expected operation for using the vendor's platform services. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI tool for structured operations such as authentication, connection discovery, and API action execution. These commands are scoped to the tool's intended use and do not introduce arbitrary command injection risks. - [CREDENTIALS_UNSAFE]: No hardcoded credentials or unsafe local storage practices were identified. The skill explicitly guides users to use Membrane's managed authentication system, which avoids local handling of sensitive API tokens.
Audit Metadata