mainstay
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the official NPM registry, which is a verified resource from the skill author (membrane/membranedev). - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line interface to manage data and automate workflows. This includes commands for logging in, searching for connectors, and executing API actions. These operations are within the scope of the skill's intended functionality. - [CREDENTIALS_UNSAFE]: The skill correctly directs the agent to use Membrane's centralized authentication system instead of handling raw API keys or tokens, reducing the risk of credential exposure.
Audit Metadata