token
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the npm registry and usesnpxto run the latest version of the tool. This is a legitimate vendor resource used to facilitate the integration. - [COMMAND_EXECUTION]: The skill executes shell commands using the
membraneCLI. These commands are used for logging into the service, connecting to the Token.io API, and running predefined actions. This behavior is transparent and confined to the intended functionality of the integration.
Audit Metadata