employment-hero
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the `@membranehq/cli` package via npm. This is the official CLI tool for the Membrane platform, which is the infrastructure used by this skill.
- [COMMAND_EXECUTION]: The skill utilizes several CLI commands (e.g., `membrane login`, `membrane connect`, `membrane action run`) to manage authentication and interact with Employment Hero data. These commands are standard operations for the Membrane ecosystem.
- [PROMPT_INJECTION]: The skill processes data from an external HR platform (Employment Hero). This represents a surface for indirect prompt injection if the retrieved employee records or documents contain malicious instructions designed to influence the agent's behavior.
  - Ingestion points: Data is ingested via `membrane action run` when retrieving employee details, documents, or leave requests.
  - Boundary markers: None explicitly defined in the provided instructions.
  - Capability inventory: The skill can perform write actions (e.g., `update-personal-details`, `quick-add-employee`) and execute platform-specific commands.
  - Sanitization: Not specified; the skill relies on the underlying agent's standard data handling.