thepeer
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official
@membranehq/clitool from the npm registry, which is a required dependency for interacting with the Membrane platform. - [COMMAND_EXECUTION]: It utilizes the
membraneCLI to manage connections, search for actions, and execute API requests. These commands are standard for the integration's documented workflow. - [SAFE]: Authentication is handled through a secure browser-based flow (
membrane login), ensuring that sensitive credentials like API keys are managed by the platform and not directly handled or stored by the agent. - [SAFE]: The skill has a surface for indirect prompt injection as it processes external financial records. Ingestion points: Data retrieved from Thepeer API via
membraneCLI commands. Boundary markers: None explicitly defined in instructions. Capability inventory: Includes subprocess execution via themembraneCLI for financial operations. Sanitization: Input validation and credential handling are performed by the underlying Membrane platform infrastructure.
Audit Metadata