Scan Report
5 /100
brass
Brass integration for financial planning and spend management platform
This is a documentation-only skill with no implementation code. It describes how to use the legitimate Membrane CLI to interact with the Brass financial platform. No malicious behavior, scripts, or suspicious code was found.
Safe to install
Approve for use. This skill contains only documentation and delegates all operations to the official Membrane CLI. No local code execution or credential handling occurs.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No filesystem access required or implemented |
| Network | READ | READ | ✓ Aligned | Uses Membrane CLI for API communication (documented) |
2 findings
Medium External URL 外部 URL
https://getmembrane.com SKILL.md:7 Medium External URL 外部 URL
https://www.brass.io/api-reference SKILL.md:19 File Tree
1 files · 4.4 KB · 126 lines Markdown 1f · 126L
└─
SKILL.md
Markdown
Security Positives
✓ Documentation-only skill with no executable code - reduces attack surface
✓ Delegates credential management to official Membrane platform
✓ Follows security best practices by never asking users for API keys
✓ Uses established npm package for CLI installation
✓ No sensitive file access, no credential harvesting, no data exfiltration
✓ References legitimate external services with proper attribution