mediatoolkit
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE [EXTERNAL_DOWNLOADS] [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the @membranehq/cli package via npm. This is an official vendor-provided tool required for the skill's primary functionality.
- [COMMAND_EXECUTION]: The skill relies on executing the membrane CLI to authenticate, discover available actions, and run API requests against Mediatoolkit.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection when processing external data.
  - Ingestion points: Data is ingested into the agent context through the JSON output of the membrane action run command (SKILL.md).
  - Boundary markers: The instructions do not define specific markers or prompts to isolate external content from the agent's core logic.
  - Capability inventory: The agent is empowered to execute shell commands, install global npm packages, and create new actions on the Membrane platform (SKILL.md).
  - Sanitization: There are no documented steps for sanitizing or validating the data returned from Mediatoolkit before it is used to influence agent decisions.
Audit Metadata