timing
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the official NPM registry. This package is the standard tool provided by the vendor (Membrane) for managing integrations. - [COMMAND_EXECUTION]: The skill employs several
membraneCLI commands to perform administrative and operational tasks, such asmembrane login,membrane connect, andmembrane action run. These commands facilitate the connection between the user's environment and the Timing API through Membrane's infrastructure. - [SAFE]: The skill follows security best practices by using an authentication proxy. This approach prevents the need for hardcoded API keys or secrets within the skill's logic or the agent's prompts. No malicious patterns, such as obfuscation or unauthorized data exfiltration, were identified.
Audit Metadata