kintent
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage from npm. This is a standard installation of the official vendor's CLI tool. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI for managing connections, searching for actions, and running automated workflows. These operations are within the expected scope of the tool's integration functionality. - [CREDENTIALS_UNSAFE]: The documentation includes explicit security best practices, advising the agent and user to avoid handling raw API keys or tokens and to use server-side managed connections instead.
- [PROMPT_INJECTION]: The skill was evaluated for indirect prompt injection risks. Data ingested from Kintent actions enters the agent's context. While specific boundary markers are not used in the instructions, the recommended use of the
--jsonflag for all commands ensures structured data processing, which mitigates the risk of instructions embedded in external data being executed as commands.
Audit Metadata