safebase
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the installation of the
@membranehq/clipackage from the official npm registry. This is a legitimate tool provided by the vendor to facilitate communication between the agent and external services. - [COMMAND_EXECUTION]: Instructions include the execution of
membraneCLI commands to perform tasks such as logging in, connecting to services, and running API actions. These operations are within the expected scope of a workflow automation skill and do not involve unauthorized privilege escalation or persistence mechanisms. - [CREDENTIALS_UNSAFE]: The skill explicitly advises against hardcoding API keys or secrets, instead utilizing a connection-based authentication system managed by the Membrane platform, which is a recommended security practice.
Audit Metadata