sourceforge
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage via NPM and usesnpxto access the latest version of the tool. These are official resources from the vendor used for the skill's primary functionality. - [COMMAND_EXECUTION]: The instructions direct the agent to perform project management tasks through the
membranecommand-line interface. These commands allow for controlled interaction with the SourceForge API via pre-defined actions or proxied requests. - [CREDENTIALS_UNSAFE]: The skill includes explicit security guidance for the agent to never ask the user for API keys or secrets, instead relying on the platform's managed connection lifecycle to handle authentication safely.
Audit Metadata