built-accounting
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Membrane CLI (
membrane) to perform administrative and data tasks. These commands includelogin,connect,action run, andrequest. All commands are within the expected scope of a management integration and interact with the vendor's platform. - [EXTERNAL_DOWNLOADS]: The skill instructs the user to install
@membranehq/clifrom the NPM registry. This package belongs to the vendor's official ecosystem and is used for platform interactions. - [CREDENTIALS_UNSAFE]: The skill demonstrates best practices by explicitly advising against asking for API keys or tokens. It utilizes Membrane's connection system to handle OAuth and credential refreshing server-side, reducing the risk of secret exposure.
- [DATA_EXFILTRATION]: While the skill can read and write data to Built Accounting, all operations are routed through the authenticated Membrane proxy. No unauthorized data exfiltration patterns or suspicious third-party domains were detected.
Audit Metadata