sender
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the installation of the @membranehq/cli package via npm. This is a verified vendor resource used for interacting with the platform's API and managing authentication.
- [COMMAND_EXECUTION]: Interaction with the Sender service is performed through the membrane CLI, which handles request proxying and authentication headers via terminal commands.
- [CREDENTIALS_UNSAFE]: The skill follows security best practices by instructing the agent to never request API keys from the user, instead relying on the membrane connect flow which manages secrets server-side.
- [SAFE]: The skill description contains references to CRM entities (Deals, Leads) which appears to be a documentation artifact; however, as it does not influence security or execution logic, it is classified as safe.
Audit Metadata