ringover
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the official
@membranehq/clipackage from the npm registry. This tool is part of the vendor's own infrastructure and is required for the skill to function correctly. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to perform actions and send requests to the Ringover API. This approach ensures that sensitive credentials and the authentication lifecycle are managed securely on the vendor's server-side platform rather than being handled directly by the agent or stored locally. - [SAFE]: No instances of prompt injection, data exfiltration, or obfuscation were detected. The skill follows security best practices by using a dedicated proxy for API interactions and official vendor tools for all operations.
Audit Metadata