sterlingbackcheck
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
@membranehq/clipackage via npm. This is a vendor-provided tool from the author's own ecosystem and is necessary for the skill's primary function of interacting with the Membrane platform. - [COMMAND_EXECUTION]: Utilizes various
membraneCLI commands to perform background check operations. These commands are transparent, well-documented, and strictly focused on the stated purpose of the integration. - [CREDENTIALS_UNSAFE]: No sensitive credentials, API keys, or tokens are hardcoded within the skill. The instructions explicitly direct the agent to use Membrane's managed authentication system, which is a significant security advantage.
- [DATA_EXPOSURE]: The skill interacts with candidate and report data from SterlingBackcheck. While this involves sensitive data processing, it is performed through authorized API calls and the vendor's secure proxy system.
Audit Metadata