paygreen
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage. This is an official vendor resource from the skill author (membranedev/membrane) used for authentication and interaction with their platform. - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line tool to manage connections and execute actions. These commands are limited to the scope of the PayGreen integration and do not involve arbitrary command execution or privilege escalation. - [DATA_EXFILTRATION]: No sensitive data access or unauthorized network exfiltration patterns were detected. Network operations are routed through the vendor's secure proxy (
membrane request), which handles authentication headers transparently. - [CREDENTIALS_UNSAFE]: The skill correctly avoids hardcoding secrets or asking the user for API keys. Instead, it uses a browser-based authentication flow (
membrane loginandmembrane connect) where credentials are managed securely by the Membrane platform.
Audit Metadata