扫描报告
10 /100
falcosecurity
Falcosecurity integration using Membrane CLI
Documentation-only skill that describes how to use the Membrane CLI for Falcosecurity integration. The only executable action (npm install) is declared, necessary, and standard.
可以安装
This skill is safe to use. The shell execution (npm install -g @membranehq/cli) is declared in documentation and required for the skill to function.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | NONE | — | No file operations found |
| 网络访问 | READ | READ | ✓ 一致 | Uses Membrane CLI for API calls (documented) |
| 命令执行 | WRITE | WRITE | ✓ 一致 | SKILL.md line 35: npm install -g @membranehq/cli |
| 环境变量 | NONE | NONE | — | No environment variable access |
| 技能调用 | NONE | NONE | — | No skill invocation |
| 剪贴板 | NONE | NONE | — | No clipboard access |
| 浏览器 | NONE | NONE | — | No browser automation |
| 数据库 | NONE | NONE | — | No database access |
2 项发现
中危 外部 URL 外部 URL
https://getmembrane.com SKILL.md:7 中危 外部 URL 外部 URL
https://falco.org/docs/ SKILL.md:19 目录结构
1 文件 · 4.4 KB · 124 行 Markdown 1f · 124L
└─
SKILL.md
Markdown
安全亮点
✓ No executable scripts - documentation only
✓ Shell execution (npm install) is clearly documented and necessary
✓ No credential harvesting - uses Membrane's managed authentication
✓ No hidden functionality - SKILL.md accurately describes all behavior
✓ No sensitive path access (~/.ssh, ~/.aws, .env)
✓ No external data exfiltration
✓ No base64-encoded payloads or obfuscated code
✓ No known malicious indicators (reverse shell, C2, etc.)