perfect-gym-solutions-sa
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install the
@membranehq/clipackage from the npm registry. This is the official command-line tool for the Membrane platform and is a trusted vendor resource. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to manage connections and execute actions against the Perfect Gym API. These commands are the primary mechanism for the skill's functionality. - [INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it interpolates user-supplied strings into CLI commands for discovery and execution. \n
- Ingestion points: User-defined action intents and input parameters are used in commands like
membrane action listandmembrane action run. \n - Boundary markers: No explicit delimiters or boundary markers for user-provided data are specified in the instructions. \n
- Capability inventory: The CLI can execute network-based actions and modify data on the Perfect Gym platform. \n
- Sanitization: No explicit sanitization or validation of user-provided input is documented within the skill file.
Audit Metadata