badger-maps
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally via npm. This package is the official command-line interface for the Membrane platform and is used as the primary tool for the skill's functionality. - [COMMAND_EXECUTION]: The instructions utilize several
membraneCLI commands for logging in, managing connections, and running actions. These commands are core to the skill's operations and are executed within the user's environment to interact with the Badger Maps service. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests and processes data retrieved from Badger Maps actions.
- Ingestion points: External data enters the agent's context through the output of
membrane action runcommands, as described in SKILL.md. - Boundary markers: There are no explicit instructions to use delimiters or ignore embedded instructions when processing data from the Badger Maps API.
- Capability inventory: The skill provides capabilities to execute shell commands and run dynamically created actions via the
membraneCLI. - Sanitization: The skill does not define specific sanitization or validation logic for the data returned from external actions before it is processed by the agent.
Audit Metadata