tapform
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from npm, which is the official tool for the Membrane platform. - [COMMAND_EXECUTION]: Executes various
membranecommands to authenticate, list connections, and interact with the Tapform API. These commands are limited to the scope of the integration. - [DATA_EXFILTRATION]: API requests are routed through Membrane's proxy system (
membrane request), which manages authentication headers server-side. This follows security best practices by preventing credential exposure within the agent's execution environment. - [SAFE]: The skill documentation explicitly discourages asking users for API keys or tokens, directing the agent to use the platform's connection management instead.
Audit Metadata