osano
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI (
@membranehq/cli) from the official npm registry, which is a standard development practice for this platform. - [COMMAND_EXECUTION]: The skill provides commands for interacting with the Membrane CLI (
membrane login,membrane connect,membrane action run). These commands are intended for interacting with the Membrane platform and do not involve arbitrary or dangerous shell execution. - [CREDENTIALS_UNSAFE]: The skill follows security best practices by explicitly instructing the agent to never ask for API keys or tokens, instead relying on Membrane's server-side connection management.
- [DATA_EXFILTRATION]: No patterns of unauthorized data access or exfiltration were detected. Network operations are directed through the authorized Membrane proxy.
Audit Metadata