clockwork-recruiting
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the Membrane CLI tool (@membranehq/cli) via npm. This is a vendor-provided tool used to facilitate service integrations.
- [COMMAND_EXECUTION]: The skill utilizes several CLI commands through the 'membrane' executable to manage authentication, list connections, and execute actions within the Clockwork Recruiting environment.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes external data from an ATS (Clockwork Recruiting). Evidence Chain:
  1. Ingestion points: Data is retrieved via 'membrane action list' and 'action get' (SKILL.md).
  2. Boundary markers: No specific delimiters are used to separate untrusted recruitment data.
  3. Capability inventory: The 'membrane action run' command (SKILL.md) provides the ability to modify records or send emails.
  4. Sanitization: No explicit instructions for sanitizing or escaping retrieved data are provided.