pro-ledger
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI (
@membranehq/cli) globally via npm. This is a legitimate tool provided by the skill's developer to facilitate interaction with their platform. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform operations such as logging in, creating connections to Pro Ledger, and executing actions. These commands are restricted to the official vendor tool and are necessary for the skill's core functionality. - [DATA_EXPOSURE]: While the skill processes financial data (invoices, accounts), it does so within the context of the user's Pro Ledger account via the Membrane integration. Authentication is handled server-side, ensuring that long-lived API keys or credentials are not stored locally or exposed to the LLM context.
- [INDIRECT_PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes data retrieved from Pro Ledger (e.g., descriptions of invoices or contacts). However, the operations are conducted through structured CLI commands, and no dangerous autonomous execution or sanitization failures were observed.
Audit Metadata