pusher
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified. The skill utilizes the official CLI from the vendor (membranedev) and adheres to secure authentication practices.- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill follows secure credential management practices by explicitly advising against asking users for API keys, instead utilizing Membrane's managed connection system to handle secrets server-side.- [INDIRECT_PROMPT_INJECTION]: The skill defines a surface for processing external data (Pusher events and data). However, it does not present any patterns where untrusted external data is unsafely interpolated into executable commands or sensitive tool parameters.
Audit Metadata