graphy
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the `@membranehq/cli` package from npm, which is the official tool provided by the vendor (Membrane) for managing service integrations.
- [COMMAND_EXECUTION]: The skill utilizes the `membrane` CLI for various tasks, including logging in, connecting to services, and executing actions. These commands run in the local shell to interact with the Membrane platform.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from an external source (Graphy).
  - Ingestion points: Data returned from commands like `membrane action list` and `membrane action run` (e.g., user data, order details) is brought into the agent context.
  - Boundary markers: The skill does not employ specific boundary markers or instructions to isolate or ignore potentially malicious content within the external data.
  - Capability inventory: The skill has capabilities for executing shell commands and creating new automated actions, representing a significant capability surface.
  - Sanitization: No specific sanitization or validation of external data is described in the provided instructions.
Audit Metadata