Scan Report
5 /100
filestack
FileStack integration skill for managing data, records, and workflow automation
Single-file documentation skill for FileStack integration using Membrane CLI; no executable code, well-scoped declared permissions, and no malicious indicators.
Safe to install
No action required. This skill is safe to use as documented.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | N/A - no file operations in skill |
| Network | READ | READ | ✓ Aligned | SKILL.md:7,19 - FileStack API and docs URLs |
| Shell | WRITE | WRITE | ✓ Aligned | SKILL.md:22-23 - npm install -g @membranehq/cli |
| Environment | NONE | NONE | — | N/A - no env var access |
| Skill Invoke | NONE | NONE | — | N/A |
| Clipboard | NONE | NONE | — | N/A |
| Browser | NONE | NONE | — | N/A |
| Database | NONE | NONE | — | N/A |
2 findings
Medium External URL 外部 URL
https://getmembrane.com SKILL.md:7 Medium External URL 外部 URL
https://www.filestack.com/docs/ SKILL.md:19 File Tree
1 files · 4.4 KB · 125 lines Markdown 1f · 125L
└─
SKILL.md
Markdown
Dependencies 1 items
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
@membranehq/cli | latest | npm | No | External npm package, not pinned in skill |
Security Positives
✓ Only contains documentation (SKILL.md); no executable code present
✓ All shell commands are explicitly documented with clear purposes
✓ Credential handling delegated to Membrane CLI (server-side auth, no local secrets)
✓ No sensitive file or path access detected
✓ No obfuscation, base64, or suspicious patterns
✓ External dependencies are reputable (npm @membranehq/cli, Membrane SaaS)
✓ Best practices documented: prefer built-in actions over raw API calls