qualaroo
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official @membranehq/cli package from the NPM registry. This is a vendor-provided tool necessary for the skill's operation.\n- [COMMAND_EXECUTION]: The skill uses the membrane command-line interface to perform various actions, including user authentication (membrane login), connection management (membrane connect), and executing Qualaroo API actions (membrane action run).\n- [SAFE]: The skill implements secure credential management by leveraging Membrane's server-side authentication flows, specifically advising against asking for or storing manual API keys. It follows the principle of least privilege by using scoped connections rather than raw credentials.
Audit Metadata