10to8
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry. This is an official tool from the vendor (membranedev) used to manage platform interactions. - [COMMAND_EXECUTION]: The skill uses shell commands via the
membraneCLI to handle authentication (membrane login), connection management (membrane connect), and action execution (membrane action run). - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes data from 10to8 (e.g., booking details and customer information).
- Ingestion points: Data from the 10to8 API is loaded into the agent's context via the output of the
membrane action runcommand. - Boundary markers: Not specified in the current instructions.
- Capability inventory: The skill allows for CLI command execution and managed network access through the Membrane connector.
- Sanitization: No explicit sanitization or validation of external data from 10to8 is described.
Audit Metadata