quipu
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the installation of the
@membranehq/clitool via npm. This package is the official interface for the Membrane platform and is a trusted vendor resource for this integration. - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line interface to perform all integration tasks, such as logging into the platform, listing connections, and running financial actions. These commands are integral to the skill's functionality. - [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection by using user-provided strings in its CLI commands.
- Ingestion points: User-defined intents and JSON parameters are passed directly to the
membrane action listandmembrane action runcommands. - Boundary markers: There are no delimiters or specific instructions to the agent to treat this data as untrusted.
- Capability inventory: The skill provides the ability to manage accounts, transactions, and contacts on the Quipu platform.
- Sanitization: No sanitization or validation of the user-provided input is specified before execution.
Audit Metadata