retriever
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the '@membranehq/cli' package from the NPM registry to manage integrations with the Retriever platform.
- [REMOTE_CODE_EXECUTION]: The documentation features the use of 'npx' to execute the vendor's latest CLI tools directly from the package registry, ensuring up-to-date integration logic.
- [COMMAND_EXECUTION]: Multiple shell commands are provided for logging in, connecting to services, and running platform actions using the 'membrane' utility.
- [DATA_EXFILTRATION]: The skill utilizes the 'membrane request' command to communicate with the Retriever API. This provides a secure, authenticated channel for data exchange through the vendor's managed infrastructure.
Audit Metadata