Skills
skills/membranedev/application-skills/basiq/Gen Agent Trust Hub

basiq

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The documentation instructs the user to install @membranehq/cli from NPM, which is the official tool provided by the vendor.
  • [COMMAND_EXECUTION]: The skill makes extensive use of the membrane CLI to interact with Basiq services, search for connectors, and run actions.
  • [DATA_EXFILTRATION]: The skill facilitates access to financial data from the Basiq platform. This data is proxied through the Membrane service which handles the authentication headers and credential security.
  • [PROMPT_INJECTION]: There is a potential surface for indirect prompt injection during the processing of external data from Basiq. Ingestion points include membrane action run and membrane request (SKILL.md). Boundary markers and sanitization of the external data are not explicitly defined in the instructions, and the skill maintains capabilities to execute shell commands via the CLI.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 03:19 PM
Security Audit — agent-trust-hub — basiq