brightpearl
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the '@membranehq/cli' tool from the NPM registry. This package is an official vendor resource necessary for the integration to function correctly.
- [COMMAND_EXECUTION]: The skill utilizes the 'membrane' CLI to manage authentication, discover actions, and execute retail management logic. These commands are the primary interface for the Membrane platform and operate within the expected scope of the skill.
- [SAFE]: The skill processes external data from the Brightpearl API via CLI outputs. While this creates a common indirect prompt injection surface, the use of structured data and the vendor's platform management aligns with standard and secure integration practices.
Audit Metadata