docupost
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the
@membranehq/cliutility from the NPM registry to facilitate integration with the Membrane platform and handle secure credential management.\n- [COMMAND_EXECUTION]: Executes several shell commands via themembranetool to manage connections, list actions, and run API requests against the DocuPost endpoint.\n- [PROMPT_INJECTION]: The skill functions as a surface for indirect prompt injection as it retrieves and processes external document data and metadata from DocuPost.\n - Ingestion points: Output from commands like
membrane action runandmembrane requestwhich fetch data from the DocuPost API.\n - Boundary markers: No specific delimiters or safety warnings are present in the skill instructions to separate DocuPost data from agent logic.\n
- Capability inventory: The skill provides instructions for executing various CLI commands that can perform read and write operations on external documents.\n
- Sanitization: There are no documented steps for sanitizing or filtering the content retrieved from the DocuPost API before it is processed by the agent.
Audit Metadata