apto-payments
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user to install the
@membranehq/clipackage from the official npm registry. This is a vendor-owned tool (membranedev) used to facilitate secure communication with external APIs. - [COMMAND_EXECUTION]: The skill uses various
membraneCLI commands to manage the integration workflow, includingmembrane login,membrane connect, andmembrane action run. These commands are used as intended for service authentication and data management. - [COMMAND_EXECUTION]: Employs a proxy request mechanism via
membrane requestto interact with the Apto Payments API. This ensures that authentication headers and token refreshes are handled securely by the Membrane platform rather than the skill itself.
Audit Metadata