cloudback
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the
@membranehq/clitool from the official npm registry to facilitate communication with the Cloudback connector. - [COMMAND_EXECUTION]: Utilizes shell-based interactions with the
membraneCLI to perform authentication, connection setup, and execution of Cloudback actions. - [PROMPT_INJECTION]: Contains a potential surface for indirect prompt injection as it processes external action schemas and descriptions (SKILL.md). However, no boundary markers are bypassable and the capability is limited to vendor-authorized actions.
Audit Metadata