Skills
skills/membranedev/application-skills/keen/Gen Agent Trust Hub

keen

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. Analysis shows the skill ingests external data from the Keen platform via the CLI. * Ingestion points: Data returned from the 'membrane action run' command. * Boundary markers: Not specified in the instructions for processing returned data. * Capability inventory: Executes shell commands via the 'membrane' CLI. * Sanitization: None specified for external data content.
  • [COMMAND_EXECUTION]: Uses the Membrane CLI to perform authenticated actions, search for integration logic, and manage data connections. These operations are part of the intended vendor functionality.
  • [EXTERNAL_DOWNLOADS]: Fetches and installs the '@membranehq/cli' package from the public npm registry. This is an official vendor-provided tool used for managing the integration lifecycle.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 06:36 AM