kvdb
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage via npm. This is the official command-line interface provided by the vendor (Membrane) to interact with their services and KVdb.- [COMMAND_EXECUTION]: The skill uses themembraneCLI to manage authentication, establish connections, and execute database actions. These commands are necessary for the skill's primary function of data management.- [DATA_EXFILTRATION]: The skill facilitates the transfer of data to and from the KVdb service (kvdb.io) via Membrane's infrastructure. This behavior is documented and represents the intended purpose of the database integration.- [PROMPT_INJECTION]: As the skill processes data retrieved from an external database, there is a potential for indirect prompt injection if that data contains malicious instructions. - Ingestion points: Data retrieved via
membrane action runormembrane request(SKILL.md) - Boundary markers: None specified in the instructions
- Capability inventory: Shell command execution via the
membraneCLI (SKILL.md) - Sanitization: None mentioned
Audit Metadata