chargify
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documents how to use the Membrane CLI to interact with the Chargify API. All operations are performed through the
membranecommand-line tool, which is the standard way to interact with the Membrane platform. - [EXTERNAL_DOWNLOADS]: The skill suggests installing the
@membranehq/clipackage globally via npm. This is a legitimate tool provided by the platform vendor for interacting with their services. - [DATA_EXFILTRATION]: No evidence of data exfiltration was found. The skill emphasizes that Membrane handles credentials server-side and instructs users not to handle API keys directly.
- [PROMPT_INJECTION]: No prompt injection or behavior override instructions were detected in the skill text or metadata.
- [COMMAND_EXECUTION]: The commands provided are standard for the intended use case (e.g.,
membrane login,membrane action run). There are no attempts to execute arbitrary or dangerous shell commands.
Audit Metadata