rentcast
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the Membrane CLI package (
@membranehq/cli) from the official npm registry. This is the vendor's own tool and is necessary for the skill's stated functionality. - [COMMAND_EXECUTION]: The skill uses shell commands via the Membrane CLI to manage connections and execute actions. These commands include parameters like
--clientName,--intent, and--inputwhich interpolate strings into the CLI arguments. While these are part of the intended integration, agents should ensure inputs are properly escaped to prevent shell injection. - [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection.
- Ingestion points: Data enters the agent context via
membrane action runoutputs which fetch property and contact information from RentCast (SKILL.md). - Boundary markers: None identified in the provided instructions for delimiting external data from agent instructions.
- Capability inventory: The skill can execute shell commands through the Membrane CLI and write to the local file system if configured by the agent harness.
- Sanitization: No explicit sanitization or validation of the external API response is performed before it is presented to the agent.
Audit Metadata