percy
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends the installation of the `@membranehq/cli` package from the official npm registry. This is a legitimate management tool provided by the vendor to facilitate secure integrations.
- [COMMAND_EXECUTION]: The skill utilizes the `membrane` CLI to perform authentication, search for available actions, and execute Percy workflows. These commands are well-defined and align with the skill's intended purpose of automation.
- [CREDENTIALS_UNSAFE]: Authentication is handled through a secure login flow (`membrane login`) and server-side connections (`membrane connect`). This approach prevents the exposure of raw secrets or tokens within the agent's context or local file system.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface for indirect injection as it processes data from external Percy actions.
  - Ingestion points: Outputs from `membrane action run` and metadata from `membrane action list` in SKILL.md.
  - Boundary markers: No specific delimiters are specified for separating untrusted data from the agent's core instructions.
  - Capability inventory: The skill allows the execution of arbitrary Percy actions via the `membrane` CLI as described in SKILL.md.
  - Sanitization: No explicit sanitization or filtering is described; security relies on the agent's built-in guardrails when processing tool outputs.
- [PROMPT_INJECTION]: The skill's instructions are focused on functionality and do not contain patterns aimed at overriding safety guidelines or extracting system prompts.
Audit Metadata