Scan Report
0 /100
cloudquery
Cloudquery integration for managing data, records, and automating workflows via the Membrane CLI
This is a documentation-only skill that describes how to interact with Cloudquery via the Membrane CLI. No executable code is present; all functionality is clearly declared in SKILL.md.
Safe to install
This skill is safe to use. The credential management through Membrane (instead of direct API keys) is a security best practice. No action required.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No file operations in this skill |
| Network | READ | READ | ✓ Aligned | SKILL.md documents external URLs for Cloudquery docs |
| Shell | NONE | NONE | — | SKILL.md contains only CLI command examples, no direct shell execution code |
| Environment | NONE | NONE | — | No environment variable access |
| Skill Invoke | NONE | NONE | — | No skill-to-skill invocation |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | Browser used only for OAuth login flow (documented) |
| Database | NONE | NONE | — | No direct database access |
2 findings
Medium External URL 外部 URL
https://getmembrane.com SKILL.md:7 Medium External URL 外部 URL
https://www.cloudquery.io/docs/ SKILL.md:19 File Tree
1 files · 4.3 KB · 123 lines Markdown 1f · 123L
└─
SKILL.md
Markdown
Security Positives
✓ Documentation-only skill with no executable code present
✓ All capabilities are declared in SKILL.md
✓ Credential management delegated to Membrane CLI (security best practice)
✓ Uses standard npm package installation with explicit version reference
✓ No credential harvesting - credentials handled server-side
✓ No obfuscation or base64-encoded payloads
✓ External URLs are to official documentation only
✓ No sensitive file paths accessed (~/.ssh, ~/.aws, .env)