liferay
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads and installs the official
@membranehq/clipackage from the NPM registry, which is a verified tool from the skill's author for managing integrations. - [COMMAND_EXECUTION]: Shell commands are used via the
membraneCLI to handle authentication, discover API actions, and perform requests. These are standard operations for the tool's intended use case. - [CREDENTIALS_UNSAFE]: The skill explicitly advises against asking users for API keys or tokens, instead utilizing a browser-based authentication flow managed by the Membrane platform, which reduces the risk of credential exposure.
Audit Metadata