moneybird
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/cliNode.js package. This is a scoped package provided by the skill author's organization. - [COMMAND_EXECUTION]: The skill instructions involve executing
membraneCLI commands to manage authentication, search for connectors, and run actions against the Moneybird API. - [PROMPT_INJECTION]: The skill facilitates the ingestion of external data from Moneybird, which introduces a surface for indirect prompt injection.
- Ingestion points: Data is retrieved from the Moneybird API (contacts, invoices, etc.) via
membrane action runandmembrane requestcommands. - Boundary markers: The skill does not define specific delimiters or instructions to the agent to ignore embedded instructions within the retrieved data.
- Capability inventory: The agent has the capability to perform network requests and API operations through the CLI.
- Sanitization: No explicit sanitization or filtering of the retrieved Moneybird data is described in the skill instructions.
Audit Metadata