appsmith

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from NPM, which is the official CLI for the Membrane platform.
  • [COMMAND_EXECUTION]: The skill uses the membrane CLI to perform authentication, create connections, and execute actions, involving network operations to the vendor's infrastructure.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection (Category 8).
      • Ingestion points: Output from membrane action list and membrane action run enters the agent context.
      • Boundary markers: None specified to delimit external data or warn the agent about embedded instructions.
      • Capability inventory: The agent can execute CLI commands and run actions that can modify resources or perform network operations.
      • Sanitization: No sanitization or validation routines are described for content retrieved from external actions before the agent uses it.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 10:29 PM