Skills
skills/membranedev/application-skills/payfast/Gen Agent Trust Hub

payfast

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from the NPM registry and utilizes npx to execute the latest version of the CLI tool.
  • [COMMAND_EXECUTION]: The skill relies on the membrane CLI to perform several operations, including logging in, connecting to services, and executing API actions which involve network requests.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes data from the external PayFast API.
  • Ingestion points: Data enters the agent's context through the output of membrane action run and membrane request commands.
  • Boundary markers: The instructions do not provide specific delimiters or ignore-instructions warnings for the agent when handling output from these commands.
  • Capability inventory: The agent can perform network requests and execute further commands using the membrane CLI tool.
  • Sanitization: There is no evidence of sanitization or filtering of the data returned from the PayFast API before it is consumed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 12:46 AM