Scan Report
10 /100
marqeta
Marqeta integration. Manage data, records, and automate workflows using the Membrane CLI proxy.
A clean Marqeta API integration skill using the Membrane CLI proxy; all functionality is declared in documentation with no hidden behavior or suspicious patterns.
Safe to install
No blocking action needed. Optionally pin the CLI version (e.g., `npm install -g @membranehq/[email protected]`) to prevent supply-chain substitution, but the current design is safe.
Findings 1 items
| Severity | Finding | Location |
|---|---|---|
| Low | Unpinned npm CLI dependency Supply Chain | SKILL.md:27 |
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No file operations in SKILL.md |
| Network | READ | READ | ✓ Aligned | Uses Membrane CLI to proxy API calls to Marqeta; explicitly states 'requires net… |
| Shell | WRITE | WRITE | ✓ Aligned | SKILL.md documents: npm install -g @membranehq/cli, membrane login, membrane act… |
| Environment | NONE | NONE | — | SKILL.md explicitly instructs to delegate auth to Membrane: 'never ask the user … |
| credential_theft | NONE | NONE | — | Credentials managed server-side by Membrane; no local credential harvesting desc… |
| Skill Invoke | NONE | NONE | — | No nested skill invocation described |
| Clipboard | NONE | NONE | — | Not referenced |
| Browser | READ | READ | ✓ Aligned | SKILL.md line 45: browser opens for 'membrane login --tenant'; headless flow des… |
| Database | NONE | NONE | — | Not referenced |
2 findings
Medium External URL 外部 URL
https://getmembrane.com SKILL.md:7 Medium External URL 外部 URL
https://www.marqeta.com/api-documentation SKILL.md:19 File Tree
1 files · 4.4 KB · 128 lines Markdown 1f · 128L
└─
SKILL.md
Markdown
Dependencies 1 items
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
@membranehq/cli | unpinned | npm | No | No version specified — theoretically vulnerable to supply-chain substitution |
Security Positives
✓ All shell commands are explicitly documented in SKILL.md — no hidden CLI invocations
✓ Authentication is delegated to the Membrane platform with no local credential storage described
✓ No sensitive file paths (~/.ssh, ~/.aws, .env) are accessed
✓ No base64, eval, or obfuscation patterns present
✓ No data exfiltration or external IP communication beyond declared API endpoints
✓ Explicitly warns against asking users for API keys, promoting secure credential handling
✓ No nested skill invocations or prompt injection patterns
✓ Pure Markdown skill — no embedded scripts or binary executables