personio-recruiting
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from npm. This is the official command-line tool for the Membrane platform and is used for authentication and service interaction. - [COMMAND_EXECUTION]: Utilizes the
membraneCLI to perform operations such as logging in, connecting to services, and running actions. These operations are managed by the vendor's infrastructure and replace the need for raw API calls and local secret handling. - [PROMPT_INJECTION]: As the skill retrieves recruiting data from an external API, there is a potential surface for indirect prompt injection if the incoming data contains malicious instructions.
- Ingestion points: Data returned from Personio Recruiting via the
membrane action runcommand. - Boundary markers: No explicit markers or instructions are provided to delineate untrusted data from the system prompt.
- Capability inventory: The agent can execute CLI commands and manage network connections through the platform.
- Sanitization: Data sanitization is not explicitly addressed within the skill's instructions.
Audit Metadata