modelscope
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage via npm. This is a vendor-owned tool provided by the skill author for interacting with their platform. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform various operations, including authentication, connection management, and running machine learning workflows. These commands are executed in the agent's shell environment. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes and interprets data from external ModelScope resources.
- Ingestion points: Data retrieved from actions and model/dataset metadata via the
membraneCLI (SKILL.md). - Boundary markers: Absent. No specific delimiters or instructions to ignore embedded content are provided for the processed data.
- Capability inventory: Local shell command execution via the
membraneCLI and external API interaction (SKILL.md). - Sanitization: Absent. The skill does not explicitly describe sanitization or validation of the data fetched from ModelScope.
Audit Metadata