porter
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the official
@membranehq/clipackage from the npm registry to interact with the Membrane platform. - [COMMAND_EXECUTION]: The skill utilizes the Membrane CLI to perform various operations including user authentication (
membrane login), establishing service connections (membrane connect), and executing deployment tasks (membrane action run). - [COMMAND_EXECUTION]: Includes functionality for the dynamic creation of actions based on natural language descriptions (
membrane action create), which are then built and executed within the Membrane environment. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection via data ingested from the Porter platform.
- Ingestion points: Data is ingested from Porter Job Outputs and Account records as described in
SKILL.md. - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands in the data retrieved from the external platform.
- Capability inventory: The skill maintains the capability to execute actions on the Porter infrastructure using the
membrane action runcommand. - Sanitization: No explicit sanitization or validation of the ingested external data is mentioned in the skill instructions.
Audit Metadata