paddle
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the @membranehq/cli package from the official npm registry, which is the legitimate tool for interacting with the author's platform.
- [COMMAND_EXECUTION]: Employs the membrane command-line utility to manage connections and execute API actions. These operations are restricted to the intended functionality of integrating with Paddle.
- [DATA_EXFILTRATION]: No unauthorized data transmission was detected. The instructions explicitly discourage the use of local API keys, instead favoring Membrane's server-side authentication lifecycle to manage credentials securely.
- [PROMPT_INJECTION]: The skill processes data from Paddle's external API, creating a surface for indirect prompt injection. However, this is inherent to its primary purpose as an integration tool.
  - Ingestion points: Data retrieved from Paddle API endpoints (e.g., subscriptions, customers, reports) via the membrane CLI.
  - Boundary markers: No specific delimiters or "ignore instructions" markers are provided for handling the ingested data.
  - Capability inventory: The skill uses subprocess calls to execute membrane commands for searching, connecting, and running actions.
  - Sanitization: There is no evidence of explicit sanitization or validation of the external API content before it is processed by the agent.
Audit Metadata