freshbooks
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the '@membranehq/cli' package globally via NPM. This is an official command-line interface provided by the skill's author to facilitate platform interactions.
- [COMMAND_EXECUTION]: The documentation contains several shell commands such as 'membrane login', 'membrane connect', and 'membrane action run' intended for the agent to execute to manage the integration and authentication.
- [REMOTE_CODE_EXECUTION]: The 'membrane action create' feature enables the generation of automation logic on the vendor's server based on natural language descriptions, which is then executed within the vendor's environment.
- [DATA_EXFILTRATION]: The skill ingests data from Freshbooks (e.g., invoices, contacts) which represents a potential surface for indirect prompt injection; however, no sensitive local data is targeted for exfiltration to unauthorized domains.
Audit Metadata