railsr
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the @membranehq/cli package from the NPM registry. This is a verified vendor tool required for the skill's functionality.
- [COMMAND_EXECUTION]: Executes shell commands via the membrane CLI for authentication, connection management, and running integration actions. This involves executing actions dynamically generated or retrieved from the Membrane platform.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from external Railsr API actions.
  - Ingestion points: Data returned in the output field from the membrane action run command (SKILL.md).
  - Boundary markers: No delimiters or instructions are provided to the agent to ignore potentially malicious instructions embedded in the API responses.
  - Capability inventory: The skill can execute arbitrary actions, run shell commands via the CLI, and create new actions on the Membrane platform (SKILL.md).
  - Sanitization: There is no evidence of validation or sanitization of the external data before it is returned to the agent context.
Audit Metadata