maxmind-geoip2
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
membranecommand-line interface to perform authentication, connection management, and data retrieval tasks. These commands are part of the intended integration workflow for the Membrane platform. - [EXTERNAL_DOWNLOADS]: The skill guides the user to install the
@membranehq/clipackage from the NPM registry. This is the official tool provided by the vendor (membranedev) for interacting with their services. - [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface where user-provided intents and descriptions are interpolated into CLI command arguments.
- Ingestion points: User-supplied queries and descriptions are used in the
membrane action list --intent "QUERY"andmembrane action create "DESCRIPTION"commands (SKILL.md). - Boundary markers: No explicit boundary markers or delimiters are used in the provided command examples to isolate user input.
- Capability inventory: The
membraneCLI tool has the capability to perform network operations, manage credentials, and execute logic on the Membrane platform. - Sanitization: Input sanitization and validation are handled by the Membrane CLI and platform at the time of execution.
Audit Metadata