vagrant
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses the vendor's official CLI tool (@membranehq/cli) to manage integrations, which is the intended and secure way to handle authentication without exposing local secrets.
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage from the npm registry. This is a standard dependency for the vendor's ecosystem. - [COMMAND_EXECUTION]: Several commands are provided to interact with the Vagrant connector via the
membraneCLI (e.g.,membrane login,membrane action run). These are standard operational commands for the platform. - [DATA_EXPOSURE]: The skill explicitly advises against asking users for API keys or tokens, recommending the use of managed connections instead, which reduces the risk of credential exposure.
Audit Metadata