tutor-lms
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill installs the official Membrane CLI tool from the
@membranehqnamespace on NPM, which is the expected method for interacting with the vendor's infrastructure. - [SAFE]: Authentication is managed externally via the
membrane loginandmembrane connectworkflows. This prevents sensitive API keys or tokens from being exposed in the prompt history or environment variables. - [SAFE]: Network operations are conducted through a proxy (
membrane request), ensuring that authentication headers and base URLs are managed securely by the platform rather than constructed manually by the agent. - [SAFE]: No obfuscation, persistence mechanisms, or unauthorized privilege escalation patterns were detected.
Audit Metadata