softledger

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to perform operations such as authentication, searching for connectors, and executing SoftLedger actions. These operations are essential for the integration's functionality and are performed within the vendor's ecosystem.
  • [EXTERNAL_DOWNLOADS]: The skill documentation describes installing the @membranehq/cli package from the NPM registry. This package is an official tool provided by the vendor to facilitate the integration.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes data from SoftLedger (e.g., audit logs, records, files) and possesses the capability to execute CLI commands based on that data.
      • Ingestion points: Data retrieved from SoftLedger via membrane action run and membrane request (SKILL.md).
      • Boundary markers: Absent; the instructions do not specify the use of delimiters for external data.
      • Capability inventory: Shell command execution via the membrane CLI (SKILL.md).
      • Sanitization: Absent; there is no mention of filtering or sanitizing external content before processing.
  • [SAFE]: The integration delegates credential management to the Membrane platform, which ensures that sensitive API keys and tokens are handled server-side rather than being exposed in local environment variables or hardcoded in the skill's instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 30, 2026, 10:35 PM