square
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the
@membranehq/clitool from the npm registry. This package is an official resource provided by the vendor to facilitate the integration with their platform.\n- [COMMAND_EXECUTION]: The skill utilizes themembranecommand-line interface to authenticate users and run actions within the Square ecosystem. These operations are standard for the tool's intended functionality.\n- [DATA_EXFILTRATION]: While the skill accesses sensitive Square data such as customer records and payments, it uses the Membrane platform as a secure middleware to manage authentication and data transfer, which prevents the exposure of API keys and tokens in the local environment.
Audit Metadata