billy
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to perform operations such as searching for connectors, managing connections, and running API actions. These are standard operations for the vendor's ecosystem. - [EXTERNAL_DOWNLOADS]: The instructions direct the user to install the
@membranehq/clipackage from the NPM registry. This package is owned and maintained by the skill's authoring organization. - [CREDENTIALS_UNSAFE]: The skill follows security best practices by delegating authentication to the Membrane platform. It explicitly instructs the agent never to ask the user for API keys or tokens, instead using managed connections.
- [PROMPT_INJECTION]: While the skill processes data from the Billy API which could technically contain malicious instructions (indirect prompt injection surface), there are no specific patterns suggesting this is exploited or intended. The capability is limited to standard API interactions.
Audit Metadata