pusher
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Instructions utilize the
membraneCLI tool for operational tasks including session authentication (membrane login), service connection (membrane connect), and action execution (membrane action run). It also supports the dynamic creation of new actions viamembrane action create, which generates integration logic based on natural language descriptions. - [EXTERNAL_DOWNLOADS]: The skill initiates the installation of the
@membranehq/clipackage from the npm registry to provide the runtime environment for its commands. - [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection as it processes untrusted data from the Pusher platform.
- Ingestion points: Data returned from
membrane action runand metadata frommembrane action listin SKILL.md. - Boundary markers: None identified in the provided instructions.
- Capability inventory: Subprocess execution via the CLI and network operations as defined in SKILL.md.
- Sanitization: No specific sanitization or validation of the external platform's output is mentioned.
Audit Metadata