range
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user to install the
@membranehq/clipackage from npm. This is the official command-line tool for the Membrane platform, which is the vendor of this skill. - [COMMAND_EXECUTION]: Instructions include using the
membraneCLI for authentication, searching for connectors, and executing actions. These are standard operations for interacting with the Membrane ecosystem. - [DATA_EXFILTRATION]: The skill uses a secure proxy mechanism (
membrane request) for API interactions. It specifically recommends letting the platform handle credentials server-side rather than asking users for API keys, which minimizes the risk of credential theft or exposure. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes data from Range (such as task descriptions or goals) which could contain untrusted content. However, this is inherent to the integration's purpose and the skill does not contain instructions that bypass safety filters.
Audit Metadata