khoros-marketing
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the official NPM registry to provide the necessary tooling for the integration.- [COMMAND_EXECUTION]: Uses various shell commands through the Membrane CLI to handle authentication, connect to the service, and execute marketing actions.- [PROMPT_INJECTION]: The skill acts as an interface for external data from Khoros Marketing, creating a surface for indirect prompt injection.
- Ingestion points: Data retrieved from actions via membrane action run and action discovery via membrane action list.
- Boundary markers: Absent. No specific delimiters are recommended for handling external API responses.
- Capability inventory: Includes the ability to execute shell commands, create new actions, and run marketing operations.
- Sanitization: Absent. The skill does not specify validation or filtering of content returned from the platform.
Audit Metadata