cheddar
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the membrane CLI to perform all operations, including authentication, connection setup, and action execution. These commands are executed in the local shell environment.
- [EXTERNAL_DOWNLOADS]: The instructions require installing the @membranehq/cli package from the official NPM registry. This is a standard requirement for using the vendor's integration platform.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it interpolates user-provided queries (--intent "QUERY") and JSON inputs (--input '{"key": "value"}') directly into CLI commands.
  - Ingestion points: User-provided query strings and action parameters.
  - Boundary markers: None explicitly defined in the CLI examples.
  - Capability inventory: Ability to execute shell commands, manage network-connected actions, and handle authentication via the CLI.
  - Sanitization: Not explicitly mentioned in the documentation; safety depends on the agent's shell execution implementation.