constant-contact
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI using
npm install -g @membranehq/cli@latest. This is a standard installation procedure for the vendor's own tooling. - [COMMAND_EXECUTION]: The skill utilizes the
membranecommand-line interface to perform authentication, create connections, and execute actions. These commands are restricted to the scope of the Membrane platform's functionality. - [DATA_EXFILTRATION]: The skill is designed to interact with Constant Contact data (contacts, lists, campaigns). It correctly directs all data processing through the Membrane platform, which manages credentials server-side and avoids exposing API keys to the local environment.
- [PROMPT_INJECTION]: No prompt injection patterns or attempts to bypass safety guidelines were detected in the instructions.
- [REMOTE_CODE_EXECUTION]: While the skill allows for the dynamic creation of actions via
membrane action create, this is a managed feature of the Membrane platform where logic is defined and executed within the vendor's infrastructure rather than as arbitrary local code execution.
Audit Metadata