efficientip
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the npm registry. This is the official command-line tool provided by the vendor (membranedev) for interacting with their platform. - [COMMAND_EXECUTION]: Shell commands are used via the
membraneCLI to authenticate, manage connections, and execute actions. These operations are necessary for the primary function of the skill. - [REMOTE_CODE_EXECUTION]: The
membrane action createfeature allows for the creation of integration logic on the Membrane platform based on natural language descriptions, which is then executed via the CLI. - [PROMPT_INJECTION]: The skill processes data returned from external EfficientIP API calls. While this is an ingestion point for untrusted data, it is a standard part of the integration's functionality.
- Ingestion points: Outputs from
membrane action runandmembrane action list. - Boundary markers: Not explicitly defined in the prompt templates.
- Capability inventory: Subprocess execution via
membraneCLI. - Sanitization: Not explicitly mentioned in the skill instructions.
Audit Metadata