polygon
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the Membrane CLI tool (
@membranehq/cli) via npm. This is a legitimate utility provided by the skill author for interacting with their platform. - [COMMAND_EXECUTION]: Utilizes the
membranecommand-line interface to manage connections and execute API actions. These operations are standard for the tool's integration logic and do not involve suspicious or unauthorized commands. - [SAFE]: Authentication is handled through a server-side proxy provided by the vendor. This architecture is a security best practice as it prevents sensitive API keys and tokens from being stored in the agent's environment or hardcoded in scripts.
- [SAFE]: Network requests are directed to
polygon.io, which is a well-known and established provider of financial market data.
Audit Metadata