razorpay
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clitool from the NPM registry. This is a vendor-owned package used to facilitate the integration. - [COMMAND_EXECUTION]: Relies on the
membraneCLI to perform operations such as login, connection management, and executing Razorpay actions. These commands are executed locally to interface with the Membrane platform. - [DATA_EXFILTRATION]: The skill implements a secure-by-design approach for credentials. It explicitly instructs the agent to never ask the user for API keys, instead using server-side authentication handled by Membrane. This mitigates the risk of credential exposure in logs or local environments.
Audit Metadata