Scan Report
0 /100
google-cloud-ai-platform
Google Cloud AI Platform integration via Membrane CLI
Documentation-only skill with transparent behavior - all shell and network operations are clearly declared and necessary for advertised functionality.
Safe to install
Skill is safe to use. All operations are documented and follow security best practices by delegating credential management to the Membrane service.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Network | READ | READ | ✓ Aligned | SKILL.md - API calls to Google Cloud AI Platform |
| Shell | WRITE | WRITE | ✓ Aligned | SKILL.md:37 - npm install -g @membranehq/cli |
| Filesystem | NONE | NONE | — | No direct filesystem access; CLI tools handle file operations |
2 findings
Medium External URL 外部 URL
https://getmembrane.com SKILL.md:7 Medium External URL 外部 URL
https://cloud.google.com/ai-platform/docs SKILL.md:19 File Tree
1 files · 4.5 KB · 122 lines Markdown 1f · 122L
└─
SKILL.md
Markdown
Security Positives
✓ MIT license with public GitHub repository for accountability
✓ Credential handling delegated to Membrane service - no local secret storage
✓ All shell commands documented with clear purpose (npm install, membrane CLI)
✓ Best practices section explicitly warns against credential harvesting
✓ No base64, eval(), or obfuscated code patterns detected
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env) declared or observed
✓ Skill focuses on documented API integration without hidden functionality