tradeshift
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes the Membrane CLI (
@membranehq/cli) for all external interactions, which is the expected and documented method for this integration. - [SAFE]: Sensitive credential management is handled through a secure login flow (
membrane login) that avoids storing or requesting raw API keys within the skill logic. - [SAFE]: No evidence of prompt injection, data exfiltration, or malicious persistence mechanisms was found in the instructions or command sequences.
- [SAFE]: The skill follows security best practices by encouraging the use of pre-built actions and proxy requests that handle authentication and pagination securely.
Audit Metadata