ashby
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the agent to download and install the
@membranehq/clipackage from the public NPM registry. This tool is the vendor's official interface for platform operations. - [COMMAND_EXECUTION]: Integration tasks such as authentication, action discovery, and data retrieval are performed by executing shell commands through the
membraneCLI. - [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface by processing data from Ashby (such as candidate records and notes) that may contain content from external sources.
- Ingestion points: Command output from
membrane action run(SKILL.md). - Boundary markers: No delimiters or specific instructions to ignore embedded content are provided.
- Capability inventory: Subprocess execution of the
membraneCLI (SKILL.md). - Sanitization: No data sanitization or validation logic is defined for the received Ashby data.
Audit Metadata