8x8

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation provides instructions to install the official Membrane CLI tool (@membranehq/cli) from the NPM registry to facilitate integration.
  • [COMMAND_EXECUTION]: The skill makes use of the membrane CLI to perform essential operations such as user authentication, connection management, and the execution of 8x8 API actions.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface due to its data ingestion capabilities. 1. Ingestion points: Untrusted data from 8x8 (such as SMS message bodies, contact notes, and call activity) enters the agent's context via the membrane action run command. 2. Boundary markers: The instructions do not define specific delimiters or instructions to separate external data from system prompts. 3. Capability inventory: The skill has the ability to execute CLI commands and trigger dynamic action generation through the Membrane platform. 4. Sanitization: There is no evidence of content sanitization or validation for the data retrieved from 8x8 before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 2, 2026, 03:49 PM
Security Audit — agent-trust-hub — 8x8