Scan Report
10 /100
falcosecurity
Falcosecurity integration using Membrane CLI
Documentation-only skill that describes how to use the Membrane CLI for Falcosecurity integration. The only executable action (npm install) is declared, necessary, and standard.
Safe to install
This skill is safe to use. The shell execution (npm install -g @membranehq/cli) is declared in documentation and required for the skill to function.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No file operations found |
| Network | READ | READ | ✓ Aligned | Uses Membrane CLI for API calls (documented) |
| Shell | WRITE | WRITE | ✓ Aligned | SKILL.md line 35: npm install -g @membranehq/cli |
| Environment | NONE | NONE | — | No environment variable access |
| Skill Invoke | NONE | NONE | — | No skill invocation |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | No browser automation |
| Database | NONE | NONE | — | No database access |
2 findings
Medium External URL 外部 URL
https://getmembrane.com SKILL.md:7 Medium External URL 外部 URL
https://falco.org/docs/ SKILL.md:19 File Tree
1 files · 4.4 KB · 124 lines Markdown 1f · 124L
└─
SKILL.md
Markdown
Security Positives
✓ No executable scripts - documentation only
✓ Shell execution (npm install) is clearly documented and necessary
✓ No credential harvesting - uses Membrane's managed authentication
✓ No hidden functionality - SKILL.md accurately describes all behavior
✓ No sensitive path access (~/.ssh, ~/.aws, .env)
✓ No external data exfiltration
✓ No base64-encoded payloads or obfuscated code
✓ No known malicious indicators (reverse shell, C2, etc.)