openpayd
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the Membrane command-line interface (
@membranehq/cli) from the official registry to facilitate integration with OpenPayd. - [COMMAND_EXECUTION]: Utilizes the
membraneCLI to perform authentication, connection management, and API requests. This includes running actions and proxying HTTP requests to OpenPayd endpoints. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes data returned from the OpenPayd API (e.g., transaction descriptions or account metadata).
- Ingestion points: Data enters the agent context through the output of commands like
membrane action runandmembrane request. - Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands within the fetched data.
- Capability inventory: The skill has access to network operations and local command execution through the Membrane CLI.
- Sanitization: No explicit sanitization or filtering of API responses is mentioned before the data is processed by the agent.
Audit Metadata