getblock
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the official NPM registry, which is the vendor's official command-line tool for platform integration. - [COMMAND_EXECUTION]: Utilizes shell-based commands (
membrane) to perform authentication, manage connections, and execute blockchain actions within the intended scope of the skill. - [DATA_EXFILTRATION]: Specifically instructs the agent to use server-side authentication managed by the platform rather than requesting API keys from the user, preventing sensitive credential exposure in the local environment.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes natural language 'intents' and 'descriptions' to discover or generate actions.
- Ingestion points: User-provided strings in
membrane action list --intentandmembrane action createcommands within SKILL.md. - Boundary markers: None identified in the provided command templates.
- Capability inventory: Execution of varied blockchain actions via the CLI as described in SKILL.md.
- Sanitization: No explicit sanitization or validation of input strings is mentioned for the discovery process.
Audit Metadata