vectera
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions include various shell commands using the
membraneCLI to manage connections, discover actions, and execute API requests. These commands are standard for the tool's intended use. - [EXTERNAL_DOWNLOADS]: The documentation instructs the user to install the
@membranehq/clipackage globally via npm. This is a standard installation procedure for the vendor's command-line interface and is consistent with the skill's stated purpose. - [DATA_EXFILTRATION]: The skill emphasizes secure data handling by advising against manual token management. It uses a proxy system (
membrane request) that injects authentication headers server-side, preventing sensitive credentials from being exposed in the local environment or command history.
Audit Metadata