calendarific
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the NPM registry. This is a legitimate tool provided by the author to manage API integrations and authentication.\n- [COMMAND_EXECUTION]: The skill uses shell commands via the membrane CLI to authenticate, manage service connections, and execute API actions or proxy requests.\n- [PROMPT_INJECTION]: The skill processes external data from the Calendarific API, which presents an indirect prompt injection surface.\n
- Ingestion points: Holiday data retrieved via membrane action run and membrane request commands in SKILL.md.\n
- Boundary markers: Absent; external API data is placed directly into the agent context without markers or instructions to ignore embedded commands.\n
- Capability inventory: The skill possesses command execution capabilities through the membrane CLI.\n
- Sanitization: No evidence of sanitization or filtering of the API response content was found.
Audit Metadata