breezy
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the official NPM registry. This is the vendor's command-line tool necessary for the skill's functionality and is considered a trusted resource. - [COMMAND_EXECUTION]: The instructions involve executing various subcommands of the
membraneCLI to authenticate, manage connections, and run actions. These are legitimate operations performed through the platform's official tooling. - [PROMPT_INJECTION]: The skill interacts with external data from Breezy HR (e.g., candidate notes and position details), which presents a surface for indirect prompt injection.
- Ingestion points: Data returned from
membrane action runcommands, such as candidate profiles and activity streams. - Boundary markers: Not explicitly mentioned in the skill instructions.
- Capability inventory: The skill allows the agent to execute platform commands and create new actions via the Membrane CLI.
- Sanitization: No specific sanitization or validation logic is defined within the instructions, relying on standard agent guardrails.
Audit Metadata