扫描报告
0 /100
amazon-cognito
Amazon Cognito integration via Membrane CLI
This skill is purely documentation-based, delegating all Cognito integration to the legitimate Membrane CLI. No executable code, scripts, or suspicious behavior detected.
可以安装
This skill is safe to use. No additional verification needed.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 命令执行 | WRITE | WRITE | ✓ 一致 | npm install -g @membranehq/cli (documented in SKILL.md line 24) |
| 网络访问 | READ | READ | ✓ 一致 | API calls through Membrane proxy (documented in SKILL.md) |
| 文件系统 | NONE | NONE | — | No file operations in skill |
| 环境变量 | NONE | NONE | — | No env access in skill |
| 技能调用 | NONE | NONE | — | No skill invocation in skill |
| 剪贴板 | NONE | NONE | — | No clipboard access in skill |
| 浏览器 | NONE | NONE | — | Browser used only for OAuth flow (documented) |
| 数据库 | NONE | NONE | — | No database access in skill |
2 项发现
中危 外部 URL 外部 URL
https://getmembrane.com SKILL.md:7 中危 外部 URL 外部 URL
https://docs.aws.amazon.com/cognito/ SKILL.md:19 目录结构
1 文件 · 4.6 KB · 132 行 Markdown 1f · 132L
└─
SKILL.md
Markdown
安全亮点
✓ No executable code - skill is documentation only
✓ Delegates to legitimate third-party CLI (@membranehq/cli)
✓ Explicitly instructs to never ask for API keys or tokens
✓ Credentials managed server-side by Membrane infrastructure
✓ Uses standard npm/npx installation (no curl|bash)
✓ No obfuscation, base64, or anti-analysis patterns
✓ No hidden functionality detected
✓ Clean documentation with clear security guidance