sonatype
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends installing the
@membranehq/clipackage from the official npm registry. This is the vendor's own command-line tool used to facilitate the integration. - [COMMAND_EXECUTION]: Utilizes the
membranecommand-line tool for authentication, action discovery, and execution. All commands are specific to the integration's purpose and do not perform unauthorized system modifications. - [DATA_EXFILTRATION]: Authentication and credential management are handled server-side by the Membrane platform. The skill explicitly advises against local secret storage, reducing the risk of accidental exposure.
Audit Metadata