Scan Report
5 /100
sms-partner
SMS Partner integration for managing accounts and SMS data
SMS Partner integration skill with clear documentation and legitimate use of Membrane CLI for API interaction.
Safe to install
This skill is safe to use. It follows documentation-first practices and uses Membrane CLI for secure credential handling.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No filesystem operations in skill |
| Network | READ | READ | ✓ Aligned | Required for SMS Partner API communication |
| Shell | WRITE | WRITE | ✓ Aligned | membrane CLI commands documented in SKILL.md lines 24-67 |
2 findings
Medium External URL 外部 URL
https://getmembrane.com SKILL.md:7 Medium External URL 外部 URL
https://www.smspartner.fr/developpeurs/api-sms/documentation SKILL.md:19 File Tree
1 files · 4.3 KB · 123 lines Markdown 1f · 123L
└─
SKILL.md
Markdown
Dependencies 1 items
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
@membranehq/cli | latest | npm | No | Pinned version recommended for production use |
Security Positives
✓ Uses Membrane CLI which handles credential lifecycle server-side
✓ No local credential storage required
✓ Documentation is complete and matches implementation
✓ Standard npm install for CLI tool installation
✓ Browser-based OAuth authentication is a security best practice
✓ No sensitive path access (~/.ssh, ~/.aws, .env)
✓ No obfuscated or base64-encoded commands
✓ No data exfiltration or C2 communication patterns