pay-with-bolt

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI package (@membranehq/cli) from the official npm registry. This is a vendor-owned resource used for the skill's primary functionality.
  • [COMMAND_EXECUTION]: The skill uses shell commands via the membrane CLI to perform authentication, manage connections, and execute actions. These operations are scoped to the vendor's platform and do not involve arbitrary command execution on the host system.
  • [DATA_EXPOSURE]: The skill follows security best practices by explicitly instructing the agent to never ask the user for API keys or tokens, instead using Membrane's server-side connection management to handle the full authentication lifecycle.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided strings for 'intents' and 'descriptions' to discover or generate actions. While this represents a potential surface for indirect prompt injection, it is the core functionality of the platform and is mitigated by the platform's internal handling of action creation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 29, 2026, 04:09 PM