woodpeckerco
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally via NPM. This is a standard installation of the vendor's own official command-line utility for interacting with their service. - [COMMAND_EXECUTION]: The skill documents the use of various
membraneCLI commands (login, search, connect, action run, request). These commands are used for legitimate integration logic such as searching for connectors, establishing connections, and executing API actions within the Membrane ecosystem. - [CREDENTIALS_UNSAFE]: The skill follows security best practices by explicitly instructing users never to ask for API keys or tokens, instead relying on Membrane's server-side authentication lifecycle management.
Audit Metadata