ringba
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the public npm registry. This is the official command-line tool provided by the vendor (Membrane) to manage the integration. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform actions such as logging in, connecting to services, and running integration logic. This includes an attack surface for Indirect Prompt Injection: - Ingestion points: Data retrieved from Ringba is brought into the agent's context through the
membrane action runcommand. - Boundary markers: No specific delimiters or instructions to ignore embedded commands within the retrieved data are specified in the instructions.
- Capability inventory: The skill has the capability to execute shell commands (
membrane) and create new actions based on natural language descriptions. - Sanitization: No sanitization or validation of the external API data is mentioned before it is processed by the agent.
- [SAFE]: The skill implements secure credential management by using Membrane's connection system, ensuring that Ringba API keys are never exposed to the agent or stored in local files.
Audit Metadata