kizeo-forms
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the `membrane` CLI to perform operations such as authentication, service connection, and action execution. These commands are integral to the skill's functionality as a wrapper for the Membrane platform.
- [EXTERNAL_DOWNLOADS]: The instructions direct the user to install the `@membranehq/cli` package globally from the NPM registry. This package is a vendor-owned resource provided by the skill author to facilitate interaction with their platform.
- [PROMPT_INJECTION]: The skill processes untrusted data from Kizeo Forms (e.g., form submissions, user names) and uses natural language descriptions to generate new actions via `membrane action create`. This creates a surface for indirect prompt injection where malicious data in a form or a deceptive action description could influence agent behavior, though the risk is mitigated by the platform's architecture.
Audit Metadata