invoice-ninja
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the installation of the
@membranehq/clipackage via npm. This is an official command-line tool from the skill's author (Membrane) used to facilitate secure communication with external APIs. - [COMMAND_EXECUTION]: The instructions involve running the
membraneCLI to manage connections and execute API actions. These commands are part of the standard operating procedure for the integration and do not involve arbitrary or malicious shell execution. - [DATA_EXFILTRATION]: The skill adheres to security best practices by advising against the manual entry of API keys or tokens, instead using a connection-based model where credentials are managed server-side by the Membrane platform.
Audit Metadata