exhibitday
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the user to install the @membranehq/cli package from the npm registry. This is a vendor-owned resource required for the skill to communicate with the Membrane platform.
- [COMMAND_EXECUTION]: The skill uses the membrane CLI to manage authentication, discover integration actions, and execute data operations. It also includes an action creation command that generates logic based on natural language descriptions, which is a core feature of the vendor platform.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes data from ExhibitDay. 1. Ingestion points: External data enters the context via the output of membrane action run (SKILL.md). 2. Boundary markers: There are no specific instructions or delimiters provided to separate external data from system instructions. 3. Capability inventory: The skill can execute various CLI commands and create new actions through the membrane tool (SKILL.md). 4. Sanitization: No explicit sanitization or validation of the retrieved content is described.
Audit Metadata