deepseek

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official Membrane CLI tool using npm (@membranehq/cli). This is a standard installation of a verified vendor package.
  • [COMMAND_EXECUTION]: The skill uses various shell commands to interact with the Membrane CLI for logging in, connecting to services, and running actions. These commands are necessary for the skill's functionality and are executed within the scope of the Membrane ecosystem.
  • [DATA_EXFILTRATION]: The skill provides instructions for accessing and processing DeepSeek data such as files and chat completions. This data is handled through the Membrane platform, which manages authentication and secure transit, preventing direct credential exposure to the local environment.
  • [INDIRECT_PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection via data processed from DeepSeek. [Ingestion points]: Data enters the context through actions that read DeepSeek files, folders, and chat completions. [Boundary markers]: None explicitly defined in the provided instructions. [Capability inventory]: Subprocess calls are made via the CLI to run actions (membrane action run) or create new actions (membrane action create). [Sanitization]: Validation and sanitization are performed server-side by the Membrane platform.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 03:19 PM
Security Audit — agent-trust-hub — deepseek