griffin
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage from the npm registry. This is a legitimate tool provided by the vendor for interacting with their platform. - [COMMAND_EXECUTION]: Uses the
membraneCLI to manage connections and execute actions. These operations are within the expected scope of a SaaS integration skill. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it retrieves and processes data from external Griffin actions which could contain untrusted content.
- Ingestion points: Data returned from
membrane action list,membrane action get, andmembrane action run(SKILL.md). - Boundary markers: None present; the skill does not specify delimiters or instructions to ignore instructions embedded in the external data.
- Capability inventory: The skill can execute existing actions and create new actions based on natural language descriptions via the CLI.
- Sanitization: No explicit sanitization or validation of the external data is described.
Audit Metadata