procountor

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli Node.js package from the official registry. This is a vendor-owned utility necessary for managing the connection to the Procountor service.
  • [COMMAND_EXECUTION]: The skill instructs the user to run various CLI commands such as membrane login, membrane connect, and membrane action run. These commands are used to interact with Procountor financial data and automate accounting workflows.
  • [PROMPT_INJECTION]: The skill processes external data retrieved from the Procountor API, which represents an indirect prompt injection surface.
      • Ingestion points: The agent reads data from actions like action list and action run which retrieve invoices, reports, and logs.
      • Boundary markers: None present in the instructions to separate retrieved data from agent instructions.
      • Capability inventory: The agent has access to execute shell commands via the membrane CLI.
      • Sanitization: No explicit data sanitization or validation logic is defined in the skill markdown.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 21, 2026, 09:05 PM