wicked-reports
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI tool to perform various operations, including authentication (membrane login), connection management (membrane connect), and executing API actions (membrane action run). These commands are standard for interacting with the Membrane platform. - [EXTERNAL_DOWNLOADS]: The instructions direct the user to install the
@membranehq/clipackage globally using npm. This is the official command-line interface for the vendor's platform and is used to facilitate secure communication with external APIs. - [CREDENTIALS_UNSAFE]: The skill explicitly advises against asking users for API keys or tokens, instead delegating credential management to the Membrane service, which is a recommended security practice for agent skills.
Audit Metadata