sapling
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli package from the npm registry, which is an official tool provided by the vendor for platform integration.
- [COMMAND_EXECUTION]: The skill instructs the agent to run various membrane CLI commands to manage HR data, automate workflows, and perform API requests.
- [SAFE]: The skill demonstrates secure credential handling by using Membrane connections instead of asking for raw API keys or tokens, and it uses official vendor infrastructure for all operations.
Audit Metadata