overloop
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the user to install the
@membranehq/clipackage from the npm registry. This is a verified resource from the author 'membrane' used to interact with their platform.\n- [COMMAND_EXECUTION]: The instructions include running themembraneCLI andnpxto discover and execute actions. These are standard operations for the tool's primary purpose.\n- [SAFE]: Authentication is managed via a secure browser-based flow (membrane login), ensuring that sensitive credentials like API keys are handled server-side by the platform rather than being hardcoded or stored locally by the agent.\n- [SAFE]: No malicious obfuscation, prompt injection, or unauthorized data exfiltration patterns were detected.
Audit Metadata