novu
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official Membrane CLI (
@membranehq/cli) globally via NPM. This is a standard requirement for using the vendor's integration platform. - [COMMAND_EXECUTION]: Uses the
membraneCLI to perform administrative and operational tasks, including authentication, connection management, and action execution. These commands are localized to the platform's ecosystem. - [PROMPT_INJECTION]: The skill includes instructions that process natural language inputs (intents) to discover or generate notification logic, creating a surface for indirect prompt injection.
- Ingestion points: SKILL.md (lines 64, 75) uses user-supplied intent and description strings in CLI commands.
- Boundary markers: Absent in the command-line interpolation.
- Capability inventory: The CLI has the capability to run actions (
membrane action run) and create new logic (membrane action create). - Sanitization: Relies on the backend Membrane platform to validate and sanitize the natural language intents before processing.
Audit Metadata