oracle-field-service
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from the official NPM registry. This package is maintained by the skill author and is a standard requirement for using the platform.
- [COMMAND_EXECUTION]: The instructions utilize the membrane CLI to perform operations such as authentication, connection management, and running actions. These commands are executed within the scope of the intended integration functionality.
- [PROMPT_INJECTION]: The skill ingests data from Oracle Field Service, creating a surface for indirect prompt injection. * Ingestion points: Oracle Field Service records and activity data enter the agent context via membrane action run output. * Boundary markers: Absent in the described prompt instructions. * Capability inventory: The skill can execute commands (membrane action run) and create new action logic (membrane action create) based on descriptions. * Sanitization: Not explicitly performed by the skill instructions before processing external data.
Audit Metadata