survicate
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
@membranehq/clito perform operations. These commands include authentication (membrane login), connection management (membrane connect), and API interactions (membrane action run,membrane request). These are standard operations for the vendor's provided tooling. - [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clivia the npm package registry. This is a well-known package registry and the package belongs to the skill's authoring organization. - [CREDENTIALS_UNSAFE]: The skill explicitly advises against asking users for API keys or tokens, instead delegating credential management to the Membrane platform. This is a positive security practice that prevents credential exposure in local environments.
- [DATA_EXFILTRATION]: While the skill facilitates network communication with Survicate and Membrane servers, this behavior is documented and inherent to its primary purpose of data integration. No unauthorized or hidden exfiltration patterns were detected.
Audit Metadata