paygreen
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads the official Membrane command-line tool (
@membranehq/cli) from the public NPM registry. This is a vendor-owned resource required for interacting with the Membrane platform. - [COMMAND_EXECUTION]: Uses the
membraneCLI for managing PayGreen connections, authentication, and running actions. These operations are standard for integration skills and are performed through the platform's supported command-line interface. - [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external PayGreen accounts, creating a potential surface for indirect prompt injection.
- Ingestion points: External transaction and merchant data retrieved via
membrane action listandmembrane action runcommands as documented inSKILL.md. - Boundary markers: The instructions do not define specific delimiters or security guidelines to separate untrusted external content from agent instructions.
- Capability inventory: The skill has the capability to execute shell commands via the Membrane CLI and create or run integration actions dynamically based on user intent.
- Sanitization: There is no evidence of sanitization or filtering of external data before it is processed by the agent.
Audit Metadata