zuplo
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage globally via npm. This is a standard installation procedure for the vendor's own command-line interface tool and is considered safe within the context of this skill. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to perform various tasks such as authentication, searching for connectors, and running actions. These commands are part of the intended functionality for managing Zuplo integrations and do not pose a security risk as they are used for their documented purposes. - [CREDENTIALS_UNSAFE]: The skill explicitly follows best practices for credential management. It instructs the agent to never ask the user for API keys or tokens, instead using the Membrane connection system to handle authentication server-side, which prevents credential exposure in local environments.
Audit Metadata