roboflow
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes the '@membranehq/cli' package, which is the official tool provided by the vendor (membranedev) for interacting with their platform.
- [SAFE]: It implements secure credential management by leveraging the Membrane platform's connection system. The instructions explicitly advise against asking users for API keys or tokens, reducing the risk of credential exposure.
- [SAFE]: The skill performs API interactions through a secure proxy ('membrane request') which handles authentication headers and token refreshes server-side.
- [SAFE]: No suspicious patterns such as prompt injection, obfuscation, or persistence mechanisms were detected in the instructions or command sequences.
Audit Metadata