kanban-tool
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the official
@membranehq/clipackage from the npm registry to manage platform interactions. This is an expected dependency from the skill's author.\n- [COMMAND_EXECUTION]: ExecutesmembraneCLI commands to perform authentication, connection management, and task operations on Kanban Tool. These commands are standard for the tool's intended purpose.\n- [DATA_EXFILTRATION]: Exhibits an indirect prompt injection surface as it retrieves and processes task data from an external source and has the capability to write data back to the service.\n - Ingestion points: Data retrieved from boards and tasks via
get-taskandget-boardactions.\n - Boundary markers: No explicit markers defined in the instructions for isolating external content.\n
- Capability inventory: The skill uses
membrane action runto perform data operations like creating or updating tasks.\n - Sanitization: Relies on the underlying platform's handling of action parameters and results.
Audit Metadata