alertops
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS
COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the `@membranehq/cli` package via NPM. This is a global CLI tool provided by the vendor (Membrane) to facilitate communication between the agent and the AlertOps API.
- [COMMAND_EXECUTION]: The skill utilizes several shell commands via the `membrane` CLI to manage the lifecycle of the integration, including authentication (`membrane login`), connection management (`membrane connect`), and action execution (`membrane action run`). These commands are standard for this platform's operation.
- [DATA_EXFILTRATION]: The skill documentation explicitly recommends against asking users for API keys or tokens, instead directing all authentication through the Membrane connection manager, which reduces the risk of credential exposure in the local environment or agent logs.
- [PROMPT_INJECTION]: Indirect Prompt Injection Risk: The skill processes user-provided intent strings to search for or dynamically create actions via `membrane action list` and `membrane action create`. While the output is structured JSON, the agent should treat action descriptions and results from the AlertOps API as untrusted data.
  - Ingestion points: Data enters the context via `membrane action list` and `membrane action run` outputs.
  - Boundary markers: None explicitly defined in the provided instructions.
  - Capability inventory: The skill can execute actions on the AlertOps platform (create alerts, manage incidents) and read system data via CLI commands.
  - Sanitization: The skill relies on the Membrane platform's internal validation and the agent's own safety filters.
Audit Metadata