linguapop
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions facilitate the installation of the
@membranehq/clipackage via npm. This is a vendor-owned package from the author 'membrane/membranedev' used for managing the integration logic and does not introduce external risks.\n- [SAFE]: The skill explicitly instructs the agent to avoid asking the user for API keys or tokens, directing it to use Membrane's connection management system instead. This prevents the exposure of sensitive credentials within the agent's context or conversation history.\n- [SAFE]: All API interactions are routed through themembranecommand-line utility. This tool acts as a proxy that handles authentication headers and credential refreshing, ensuring that the agent does not interact directly with raw secrets.
Audit Metadata