performyard
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli global npm package, which is the official CLI tool provided by the vendor for platform interaction.
- [COMMAND_EXECUTION]: Employs shell commands via the membrane CLI to manage user authentication, establish service connections, and execute performance management actions.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests data from PerformYard (e.g., forms, goals, and records) that could contain malicious instructions.
- Ingestion points: Data returned from PerformYard via membrane action run and membrane action list commands (SKILL.md).
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the processing logic.
- Capability inventory: The agent can execute write actions (e.g., creating and running actions) that could be manipulated if the agent is influenced by malicious external input.
- Sanitization: There is no evidence of sanitization or validation of the external content before it is processed by the agent.
Audit Metadata