humaans
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from npm, which is the official integration tool provided by the vendor.
- [COMMAND_EXECUTION]: Shell commands are used via the membrane CLI to perform authentication, manage connections, and execute actions against the Humaans API.
- [PROMPT_INJECTION]: The skill ingests data from Humaans (SKILL.md) through tool outputs without explicit boundary markers or sanitization logic. This ingestion point creates an indirect prompt injection surface, as the skill's capability inventory includes executing CLI commands and running dynamically generated platform actions.
Audit Metadata