esputnik
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Membrane CLI (
membrane) for all interactions with the ESputnik API, including installation of the global package@membranehq/cli. - [INDIRECT_PROMPT_INJECTION]: The skill retrieves and processes external marketing data from ESputnik, which could potentially contain untrusted content. 1. Ingestion points: Marketing data (contacts, activity reports) retrieved via the
membrane action runcommand in SKILL.md. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded content are provided in the guide. 3. Capability inventory: Ability to execute shell commands via themembraneCLI, including action creation and execution in SKILL.md. 4. Sanitization: No explicit sanitization or validation steps are defined within the skill instructions, delegating this to the underlying platform.
Audit Metadata