mumara
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official
@membranehq/clipackage from NPM, which is a trusted tool provided by the vendor (Membrane) for platform interactions. This is a standard and safe procedure.\n- [COMMAND_EXECUTION]: It utilizes themembraneCLI to perform necessary integration tasks, including authentication (membrane login), connector discovery (membrane search), and executing API actions (membrane action run). These commands are the intended way to interact with the platform.\n- [DATA_EXFILTRATION]: API requests are routed through a proxy (membrane request) that handles authentication server-side. This design prevents raw API keys or sensitive credentials from being exposed in the local environment or the agent's context.
Audit Metadata