qualys
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the
@membranehq/clipackage via NPM. This is the official command-line utility provided by the vendor for managing integrations. - [COMMAND_EXECUTION]: It utilizes the
membraneCLI to perform various operations, including authentication (membrane login), connection management (membrane connect), and executing Qualys actions (membrane action run). These commands are standard for the skill's intended purpose of managing security data. - [SAFE]: The skill follows security best practices by explicitly instructing the agent never to ask the user for API keys or tokens, instead utilizing a server-side connection lifecycle managed by the Membrane platform.
Audit Metadata