finix
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage via NPM. This is a legitimate utility provided by the vendor (Membrane) to manage the integration workflow. - [COMMAND_EXECUTION]: The skill utilizes the
membranecommand-line interface to perform actions such as logging in, searching for connectors, and executing API actions. These operations are transparent and consistent with the skill's stated purpose of managing Finix data. - [DATA_EXFILTRATION]: The skill interacts with external data from the Finix API through the Membrane proxy. While this involves processing external content which theoretically presents an indirect prompt injection surface, the skill follows best practices by delegating credential management and API communication to a dedicated platform (Membrane).
Audit Metadata