Scan Report
15 /100
yugabyte
Yugabyte integration. Manage data, records, and automate workflows.
A minimal documentation-only skill that wraps the Membrane CLI for Yugabyte interaction; no scripts or code are present, and all behavior is clearly declared.
Safe to install
Approve for use. If execution is enabled in the future, pin the npm package version and audit the Membrane CLI for known vulnerabilities before deployment.
Findings 1 items
| Severity | Finding | Location |
|---|---|---|
| Low | Unpinned npm global install | SKILL.md:30 |
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | SKILL.md only describes CLI usage; no file read/write operations declared or imp… |
| Network | READ | READ | ✓ Aligned | All network activity goes through `membrane` CLI commands (action run, request, … |
| Shell | WRITE | WRITE | ✓ Aligned | Shell usage limited to documented `membrane` CLI invocations via npm-installed b… |
| Environment | NONE | NONE | — | SKILL.md explicitly states not to ask for API keys; credentials managed by Membr… |
| Skill Invoke | NONE | NONE | — | No nested skill invocation declared or present. |
| Clipboard | NONE | NONE | — | No clipboard access declared or implied. |
| Browser | NONE | NONE | — | Browser OAuth flow is initiated by `membrane login` but controlled entirely by t… |
| Database | READ | READ | ✓ Aligned | Yugabyte data access via Membrane proxy actions; behavior is declared and expect… |
2 findings
Medium External URL 外部 URL
https://getmembrane.com SKILL.md:7 Medium External URL 外部 URL
https://docs.yugabyte.com/ SKILL.md:19 File Tree
1 files · 4.3 KB · 125 lines Markdown 1f · 125L
└─
SKILL.md
Markdown
Dependencies 1 items
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
@membranehq/cli | unpinned | npm | No | No version pin in SKILL.md; `latest` tag will be used on first install. |
Security Positives
✓ Skill is documentation-only with no executable scripts or code files — no attack surface beyond the described CLI commands.
✓ Credential management is delegated to Membrane's OAuth browser flow; no raw API keys or tokens appear in documentation or code.
✓ SKILL.md clearly states 'never ask the user for API keys or tokens,' reflecting good security hygiene.
✓ No hidden instructions, base64 payloads, eval(), or other obfuscation techniques detected.
✓ No filesystem, environment variable, SSH, or other sensitive path access declared or present.
✓ No data exfiltration vectors observed — all network calls are confined to the documented Membrane CLI workflow.
✓ Membrane acts as a proxy, insulating the skill from directly handling authentication tokens.