moltin
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package. This is a vendor-owned resource from the Membrane platform used to facilitate the integration.
- [COMMAND_EXECUTION]: The skill provides numerous examples of using the membrane CLI to interact with the Moltin API. These commands are used for legitimate configuration and data management tasks.
- [INDIRECT_PROMPT_INJECTION]: The skill facilitates the ingestion of external data from the Moltin API. Ingestion points: Moltin API responses processed by the agent (e.g., through action run results). Boundary markers: Not specified. Capability inventory: Execution of membrane CLI actions and API requests via a secure proxy. Sanitization: Relies on the structured data format and platform-managed action lifecycle provided by Membrane. The use of a secure proxy and structured actions follows established security practices for eCommerce integrations.
Audit Metadata