signable
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the official NPM registry. This is a standard vendor-provided tool necessary for the skill's functionality.- [COMMAND_EXECUTION]: The skill uses local CLI commands such as 'membrane login', 'membrane connect', and 'membrane action run' to interact with the Signable API. These commands are part of the intended platform integration and operate within the user's authenticated session.- [CREDENTIALS_UNSAFE]: The skill adheres to security best practices by specifically advising against asking for or hardcoding API keys or tokens. Instead, it relies on the Membrane platform's delegated authentication flow to manage credentials securely on the server side.
Audit Metadata