manageengine-servicedesk-plus-cloud
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to perform operations such as searching for connectors, connecting to the service, and running actions. These commands are integral to the skill's functionality and are used to manage IT service data. - [EXTERNAL_DOWNLOADS]: The instructions include installing the
@membranehq/clipackage via npm. This is a vendor-provided tool required to facilitate the integration and is not considered a security risk in this context. - [CREDENTIALS_UNSAFE]: The skill implements secure authentication practices by delegating credential management to the Membrane platform, explicitly advising against asking for or storing sensitive API keys locally.
Audit Metadata