fraudlabs-pro
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation includes instructions to install the
@membranehq/clipackage from the NPM registry. This is a legitimate tool provided by the platform vendor for interacting with their services. - [COMMAND_EXECUTION]: The skill utilizes the
membranecommand-line interface to manage connections and execute fraud prevention actions. These commands are used as intended for service integration and do not involve arbitrary or dangerous shell execution. - [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or other sensitive credentials were found. The skill follows best practices by using a connection-based authentication model where secrets are managed server-side by the platform.
- [PROMPT_INJECTION]: The instructions do not contain any patterns typical of prompt injection, such as attempts to bypass safety filters, ignore previous instructions, or extract system prompts.
- [DATA_EXFILTRATION]: There is no evidence of unauthorized data collection or exfiltration. The skill only interacts with the official FraudLabs Pro API through the platform's managed actions.
Audit Metadata