stepzen
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill follows best practices for credential management and uses official vendor tooling.
- [COMMAND_EXECUTION]: The skill uses the 'membrane' CLI to manage StepZen connections and execute actions. These commands are standard for the skill's intended purpose and are performed through the author's official toolset.
- [EXTERNAL_DOWNLOADS]: The skill references the '@membranehq/cli' package for installation via npm. As this is the official CLI tool from the skill author (membranedev), it is considered a legitimate vendor resource.
Audit Metadata