appdrag
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires installation of the official Membrane CLI package (@membranehq/cli) from the npm registry. This is a standard dependency for the platform and resides within the vendor's official namespace.- [COMMAND_EXECUTION]: Uses the membrane CLI for core operations including authentication, connection management, and running actions. These commands represent the standard and intended method for interacting with the platform.- [PROMPT_INJECTION]: An indirect prompt injection surface is present as the agent processes data retrieved from AppDrag.
- Ingestion points: Data enters the context via actions like execute-sql-query and list-directory (SKILL.md).
- Boundary markers: The skill does not provide explicit markers or instructions to isolate external data from system prompts.
- Capability inventory: The skill can execute powerful actions such as execute-raw-sql-query, send-email, and delete-file.
- Sanitization: No explicit validation or sanitization of retrieved data is mentioned in the instructions.
Audit Metadata