aws-well-architected
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
COMMAND_EXECUTION
EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the membrane CLI to perform operations such as authentication (membrane login), connection management (membrane connect), and action execution (membrane action run). This is the intended functionality for interacting with the Membrane platform.
- [EXTERNAL_DOWNLOADS]: The instructions direct the user to install the @membranehq/cli package from the npm registry. This is a legitimate package provided by the vendor for using their service.
- [INDIRECT_PROMPT_INJECTION]: The skill processes data fetched from AWS Well-Architected via the Membrane platform.
  - Ingestion points: Data retrieved through membrane action run is processed by the agent (found in SKILL.md).
  - Boundary markers: Commands use the --json flag to ensure structured data is returned, which helps the agent distinguish between data and instructions.
  - Capability inventory: The skill has the ability to execute CLI commands and create new actions through the vendor's API (found in SKILL.md).
  - Sanitization: The skill recommends using pre-built actions which handle pagination and field mapping, reducing the risk of processing raw, unvalidated API responses.
Audit Metadata