cross-river

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE [EXTERNAL_DOWNLOADS] [COMMAND_EXECUTION]
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the official NPM registry. This is a legitimate tool provided by the vendor for interacting with their service.
  • [COMMAND_EXECUTION]: The skill uses various membrane CLI commands to manage connections, search for actions, and execute them. These commands are part of the intended functionality for the Cross River integration.
  • [INDIRECT_PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection as it ingests user-provided intent strings and action inputs. However, the use of structured CLI arguments and the reliance on the Membrane platform's internal schemas significantly mitigate the risk of command or instruction injection.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 08:11 PM