lambdatest
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the @membranehq/cli tool from the npm registry. This is a vendor-owned package used to manage integrations.
- [COMMAND_EXECUTION]: Uses the membrane CLI to log in and manage connections. This centralized management of credentials follows security best practices by avoiding local storage of secrets.
- [PROMPT_INJECTION]: The skill processes data from the LambdaTest API, creating a surface for indirect prompt injection. * Ingestion points: Results from 'membrane action list' and 'membrane action run' commands. * Boundary markers: No delimiters are specified to separate external data from agent instructions. * Capability inventory: The agent can execute commands and modify cloud resources via the membrane CLI. * Sanitization: The skill does not define specific validation or filtering steps for the API outputs.
Audit Metadata