delighted
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads the official Membrane CLI tool (@membranehq/cli) from the public NPM registry. This tool is necessary for interacting with the Membrane platform and is a trusted resource from the vendor.
- [COMMAND_EXECUTION]: Uses the 'membrane' CLI to perform authenticated operations, including creating connections, searching for available actions, and running data workflows. These operations are restricted to the authenticated user's environment.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes external data from Delighted.
- Ingestion points: Delighted survey responses and person data ingested via CLI commands.
- Boundary markers: None explicitly defined in the skill instructions.
- Capability inventory: File system access through CLI installation, network access for API calls, and action execution capabilities.
- Sanitization: Relies on the underlying LLM's safety filters and the Membrane platform's execution environment.
Audit Metadata