profitwell
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the public NPM registry. This is a legitimate vendor resource associated with the author 'membranedev'. - [COMMAND_EXECUTION]: The instructions involve executing various
membraneCLI commands to perform authentication, search for connectors, and interact with the ProfitWell API. These operations are scoped to the intended functionality of the skill. - [DATA_EXFILTRATION]: While the skill accesses and transfers subscription data between the local environment and ProfitWell, it utilizes the Membrane proxy system. This design centralizes credential handling on the server side, which reduces the risk of local credential exposure.
Audit Metadata