abuselpdb
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads and installs the `@membranehq/cli` tool from the public npm registry to enable interaction with the Membrane platform.
- [COMMAND_EXECUTION]: Uses the `membrane` command-line utility for various operations including user authentication, establishing service connections, and running integration actions.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection through its action discovery and creation mechanism:
  - Ingestion points: Natural language strings passed to `membrane action list --intent` and `membrane action create` (SKILL.md).
  - Boundary markers: None identified in the instructions to delimit user-provided intent from system commands.
  - Capability inventory: The skill can execute shell commands (`membrane action run`) and perform network operations via the Membrane platform.
  - Sanitization: No explicit sanitization or validation of the input strings is described.
Audit Metadata