Skills
skills/membranedev/application-skills/shotstack/Gen Agent Trust Hub

shotstack

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to manage connections and execute API actions. These commands are standard for the platform's operational model.
  • [EXTERNAL_DOWNLOADS]: The instructions direct the user to install the @membranehq/cli package from the NPM registry. This is the official tool provided by the vendor for managing integrations.
  • [CREDENTIALS_UNSAFE]: The skill correctly implements security best practices by explicitly instructing the agent and user not to handle raw secrets or tokens locally, delegating authentication to the Membrane platform's server-side management.
  • [METADATA_POISONING]: There is a minor inconsistency in the description field of the YAML frontmatter, which lists CRM-related entities (Deals, Persons, Leads) that do not match the skill's primary purpose of video production via Shotstack. This appears to be a non-malicious documentation error.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 27, 2026, 10:28 PM