digicert
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the Membrane CLI (@membranehq/cli) from the official NPM registry. This is an expected operation for the vendor's integration tooling.
- [COMMAND_EXECUTION]: Orchestrates DigiCert management through the membrane CLI tool, which handles API calls and process execution.
- [CREDENTIALS_UNSAFE]: Adheres to security best practices by instructing the agent never to ask for or store API keys locally, using the platform's connection manager instead.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it passes user-defined intents and descriptions to the CLI. However, it provides guidance on using quotes for these arguments, which helps mitigate basic injection risks.
  - (1) Ingestion points: User-supplied intent and description strings in SKILL.md.
  - (2) Boundary markers: Examples use double-quoting for command arguments.
  - (3) Capability inventory: CLI provides access to create and run actions on the DigiCert API.
  - (4) Sanitization: None explicitly defined within the skill instructions; relies on agent-level sanitization.
Audit Metadata