cubicl

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the @membranehq/cli package from the NPM registry, which is the official tool for interacting with the Membrane platform.
  • [COMMAND_EXECUTION]: Various membrane CLI commands are used to handle authentication, create connections, and run integration actions. This includes the membrane action create command, which allows the platform to dynamically generate code based on task descriptions.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of data from external Cubicl actions, which presents a surface for indirect prompt injection.
    - Ingestion points: Data from the Cubicl API is brought into the agent's context via the output of the membrane action run command.
    - Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat external content as untrusted or to ignore embedded instructions.
    - Capability inventory: The skill has the capability to execute shell commands through the CLI and perform network operations via the Membrane platform.
    - Sanitization: There is no evidence of sanitization or validation of the content returned by the integration actions before it is presented to the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 29, 2026, 04:19 AM
Security Audit — agent-trust-hub — cubicl