flipando
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli npm package, which is the official command-line interface for the Membrane platform.
- [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to perform authentication, manage connections, and execute actions. These are standard operations for interacting with the Membrane ecosystem.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes user-provided intent and external data payloads.
- Ingestion points: External data is ingested through the --intent parameter in the action list command and the --input parameter in the action run command as seen in SKILL.md.
- Boundary markers: No specific delimiters or boundary warnings are provided to separate instructions from untrusted data in command arguments.
- Capability inventory: The skill allows for command execution via the CLI and the ability to trigger arbitrary actions on the Membrane platform.
- Sanitization: There is no documentation or evidence of data sanitization before interpolation into shell commands.
Audit Metadata