formsite
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
@membranehq/cliglobal npm package. This is the official tool provided by the vendor for interacting with their integration platform. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI for managing the integration lifecycle. This includes performing authentication viamembrane login, establishing connections withmembrane connect, and executing API operations viamembrane action run. - [CREDENTIALS_UNSAFE]: The skill implements a secure authentication model. It correctly instructs users to use the Membrane platform's built-in OAuth and connection management instead of requesting or hardcoding sensitive API keys or tokens.
- [PROMPT_INJECTION]: The skill processes data from external Formsite forms via the
membrane action runcommand, which constitutes a surface for indirect prompt injection. - Ingestion points: Data from Formsite is returned to the agent context via the output of
membrane action runinSKILL.md. - Boundary markers: The provided instructions do not specify any boundary markers or delimiters for the processed external content.
- Capability inventory: The skill utilizes the
membraneCLI to run and dynamically create actions based on natural language descriptions, as described inSKILL.md. - Sanitization: No specific sanitization or filtering of the ingested form data is mentioned in the skill instructions.
Audit Metadata