budget-insight
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage via NPM. This is a vendor-provided tool used to manage the integration and authentication process. - [COMMAND_EXECUTION]: The instructions involve executing
membraneCLI commands to manage connections, discover actions, and run financial queries. These commands are essential for the skill's primary function of interacting with the Budget Insight API. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it retrieves and processes financial data from an external source (Budget Insight).
- Ingestion points: Data fetched via
membrane action runandmembrane request(e.g., transaction details, account names). - Boundary markers: None identified. There are no specific instructions or delimiters provided to the agent to treat external data as untrusted content.
- Capability inventory: The skill has the capability to execute shell commands through the
membraneCLI and perform network operations via the proxy tool. - Sanitization: No explicit sanitization or validation of the fetched external data is described within the skill's instructions.
Audit Metadata