assembla
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the `@membranehq/cli` package from the NPM registry to interact with the Membrane platform.
- [COMMAND_EXECUTION]: The skill relies on the `membrane` CLI tool for project operations. This includes the `membrane action create` command, which enables the dynamic generation of new actions and capabilities based on natural language descriptions provided at runtime.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8) through the ingestion of external Assembla data.
  - Ingestion points: Data from tickets, comments, and merge requests is introduced into the agent context via actions listed in `SKILL.md` (e.g., `list-tickets`, `get-ticket-comments`).
  - Boundary markers: There are no boundary markers or instructions to isolate retrieved external data from the agent's instructions.
  - Capability inventory: The agent can perform significant operations such as `create-ticket`, `update-ticket`, and creating new actions via `membrane action run` (defined in `SKILL.md`).
  - Sanitization: The skill does not define any sanitization or validation logic for content fetched from the external service.
Audit Metadata