paragon
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage. This is the official command-line interface provided by the skill's author (membranedev) and is considered a safe vendor resource. - [COMMAND_EXECUTION]: Uses the
membraneCLI to perform authentication (membrane login), manage connections (membrane connect), and execute integration actions (membrane action run). These are standard operations for the platform. - [DATA_EXFILTRATION]: While the skill manages sensitive customer data via Paragon, it explicitly directs the agent to let the platform handle credentials rather than asking the user for API keys, which reduces the risk of credential exposure.
- [INDIRECT_PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection as it processes external customer data from Paragon.
- Ingestion points: Data is ingested via the output of
membrane action runcommands. - Boundary markers: None explicitly defined in the provided instructions for the agent to use when interpreting Paragon records.
- Capability inventory: The skill has capabilities to create new actions and execute arbitrary integration actions via the
membraneCLI. - Sanitization: No specific sanitization or validation steps are mentioned for the external content before it is processed by the agent.
Audit Metadata