8x8
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation provides instructions to install the official Membrane CLI tool (@membranehq/cli) from the NPM registry to facilitate integration.
- [COMMAND_EXECUTION]: The skill makes use of the membrane CLI to perform essential operations such as user authentication, connection management, and the execution of 8x8 API actions.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface due to its data ingestion capabilities. 1. Ingestion points: Untrusted data from 8x8 (such as SMS message bodies, contact notes, and call activity) enters the agent's context via the membrane action run command. 2. Boundary markers: The instructions do not define specific delimiters or instructions to separate external data from system prompts. 3. Capability inventory: The skill has the ability to execute CLI commands and trigger dynamic action generation through the Membrane platform. 4. Sanitization: There is no evidence of content sanitization or validation for the data retrieved from 8x8 before it is processed by the agent.
Audit Metadata