marketo
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the official NPM registry. This is the legitimate CLI tool provided by the vendor (membranedev) to facilitate the integration. - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line interface to perform actions, manage connections, and handle authentication. These are standard operations for this tool's intended use case. - [DATA_EXFILTRATION]: While the skill accesses marketing data (Leads, Campaigns, etc.), it does so through an authenticated connection managed by the Membrane platform. It explicitly advises against requesting API keys or tokens from users, leveraging server-side credential management to prevent local exposure.
- [SAFE]: No malicious patterns such as prompt injection, obfuscation, or persistence mechanisms were detected. The dynamic creation of actions (
membrane action create) is a core feature of the platform used to generate integration logic safely within the vendor's ecosystem.
Audit Metadata