Scan Report
5 /100
getscreenshot
GetScreenshot integration for capturing screenshots of web pages via Membrane CLI
This is a documentation-only skill that provides guidance for integrating with GetScreenshot via the Membrane CLI. No executable code is present, all functionality is documented, and the credential management is handled server-side.
Safe to install
This skill is safe to use. No additional security measures are required beyond standard npm package vetting.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No file operations required |
| Network | NONE | NONE | — | All network calls made through Membrane CLI |
| Shell | NONE | NONE | — | CLI commands are documented but executed by user or Membrane framework |
| Environment | NONE | NONE | — | No environment variable access |
| Skill Invoke | NONE | NONE | — | No skill invocation |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | Browser used only for user authentication flow |
| Database | NONE | NONE | — | No database access |
2 findings
Medium External URL 外部 URL
https://getmembrane.com SKILL.md:7 Medium External URL 外部 URL
https://getscreenshot.app/docs SKILL.md:19 File Tree
1 files · 5.0 KB · 130 lines Markdown 1f · 130L
└─
SKILL.md
Markdown
Security Positives
✓ All functionality is documented in SKILL.md with no hidden behavior
✓ Credential management handled server-side by Membrane - no local credential storage or harvesting
✓ Uses CLI-based integration which is a legitimate and transparent approach
✓ No base64, obfuscation, or anti-analysis techniques present
✓ No sensitive file or path access required
✓ Documentation explicitly advises against asking users for API keys
✓ Skill is focused on a single legitimate service (GetScreenshot)