securionpay
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official Membrane CLI tool (
@membranehq/cli) from the public npm registry. This is a standard utility provided by the vendor (membranedev) to facilitate the integration. - [COMMAND_EXECUTION]: Uses local shell commands to interact with the
membraneCLI. These commands are limited to authenticated actions within the Membrane ecosystem, such as managing connections and executing pre-defined actions. - [CREDENTIALS_UNSAFE]: The skill demonstrates safe credential management practices. It explicitly instructs the agent to never ask the user for API keys or tokens, instead using an OAuth-based login flow managed server-side by the platform.
- [DATA_EXFILTRATION]: No unauthorized network operations or data transfers were detected. All communication with SecurionPay is routed through the Membrane connector service.
- [INDIRECT_PROMPT_INJECTION]: As an integration that processes external data (SecurionPay records), the skill has an inherent attack surface for indirect prompt injection.
- Ingestion points: Data from SecurionPay (charges, customer notes, event descriptions) is ingested via
membrane action runandaction listcommands. - Boundary markers: None identified in the skill instructions.
- Capability inventory: The agent can execute
membrane action run, which may modify state (e.g., creating charges or updating customers) based on ingested data. - Sanitization: The skill relies on the platform's internal handling and standard agent safety filters; no specific sanitization logic is provided within the skill itself.
Audit Metadata