扫描报告
0 /100
nudgify
Nudgify integration for social proof and notification management
This is a pure documentation skill with no executable code. It describes using the Membrane CLI to interact with Nudgify's API through declared, documented commands.
可以安装
This skill is safe to use. No action required.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 网络访问 | READ | READ | ✓ 一致 | SKILL.md lines 5,37 - Membrane API access for Nudgify operations |
| 命令执行 | WRITE | WRITE | ✓ 一致 | SKILL.md lines 31,36 - npm install and membrane CLI commands |
| 文件系统 | NONE | NONE | — | No file operations mentioned in SKILL.md |
| 环境变量 | NONE | NONE | — | No environment access mentioned; credentials handled by Membrane server-side |
| 剪贴板 | NONE | NONE | — | No clipboard access in SKILL.md |
| 浏览器 | NONE | NONE | — | Browser used only for OAuth flow via Membrane (user-initiated login) |
| 数据库 | NONE | NONE | — | No database access in SKILL.md |
| 技能调用 | NONE | NONE | — | No nested skill invocation in SKILL.md |
2 项发现
中危 外部 URL 外部 URL
https://getmembrane.com SKILL.md:7 中危 外部 URL 外部 URL
https://nudgify.com/helpdesk/ SKILL.md:19 目录结构
1 文件 · 4.3 KB · 123 行 Markdown 1f · 123L
└─
SKILL.md
Markdown
安全亮点
✓ Pure documentation skill with no executable code
✓ All capabilities properly declared in SKILL.md
✓ Credential management handled server-side by Membrane (no local secret storage)
✓ Uses legitimate, established npm package (@membranehq/cli)
✓ No credential harvesting, data exfiltration, or obfuscation observed
✓ No sensitive file access, no base64, no eval, no suspicious patterns
✓ OAuth flow via Membrane is a standard, secure pattern