rippling-hr

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE [EXTERNAL_DOWNLOADS] [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the NPM registry. This is a standard installation of the official CLI tool provided by the vendor (Membrane).
  • [COMMAND_EXECUTION]: The skill makes extensive use of the membrane CLI to manage authentication, search for actions, and execute API calls against Rippling HR.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes data from an external HR system.
      • Ingestion points: Data is ingested into the agent's context from the Rippling HR API via the membrane action run command (SKILL.md).
      • Boundary markers: None. The skill does not provide specific delimiters or instructions to the agent to treat retrieved data as untrusted.
      • Capability inventory: The agent has the capability to execute shell commands through the CLI and create or run new actions on the Membrane platform (SKILL.md).
      • Sanitization: None. There are no instructions for sanitizing or validating the data returned from the external API before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 10:23 PM