alphasense
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the NPM registry to interact with the platform infrastructure.- [COMMAND_EXECUTION]: Utilizes various shell commands includingmembrane login,membrane connect, andmembrane action runto manage the integration and execute market intelligence tasks.- [PROMPT_INJECTION]: The skill processes data from AlphaSense including company filings and news which represents a potential surface for indirect prompt injection though no active exploitation was detected.- [SAFE]: Delegating authentication to the Membrane platform is a positive security practice that prevents the need for manual API key handling or credential exposure within the skill instructions.
Audit Metadata