blackthorn

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the @membranehq/cli package from the NPM registry. This is the official command-line tool for the Membrane platform, provided by the skill's authoring organization.
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to interact with external services, including authenticating users, discovering available actions, and executing API requests.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes untrusted data from the Blackthorn API (e.g., event registrations, contact details) and presents it to the agent.
      • Ingestion points: Data retrieved via membrane action run and membrane request in SKILL.md.
      • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the provided instructions.
      • Capability inventory: The skill can execute various shell commands through the membrane tool and make network requests.
      • Sanitization: No sanitization or validation of the external API output is specified before the agent processes it.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 12:06 PM