mindbreeze
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the installation of the
@membranehq/clipackage from the public NPM registry. This is an official tool provided by the vendor for managing the integration.\n- [COMMAND_EXECUTION]: The skill relies on shell command execution via themembraneCLI to perform authentication, connection setup, and data operations against Mindbreeze.\n- [PROMPT_INJECTION]: The skill has an inherent surface for indirect prompt injection as it processes external data from Mindbreeze searches and records.\n - Ingestion points: Untrusted external data from Mindbreeze is retrieved via
membrane action runand ingested into the agent context.\n - Boundary markers: No specific boundary markers or 'ignore' instructions are provided to delimit the retrieved data.\n
- Capability inventory: The skill possesses the capability to execute shell commands through the Membrane CLI.\n
- Sanitization: The instructions do not specify any sanitization, validation, or escaping of the external content retrieved.
Audit Metadata