rocketreach
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the `@membranehq/cli` package from the official NPM registry, which is a standard procedure for this vendor's integrations.
- [COMMAND_EXECUTION]: Provides several shell commands for the `membrane` CLI, including `login`, `connect`, and `action run`. These commands facilitate authentication and interaction with the RocketReach API through the Membrane platform.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it ingests and processes data from external RocketReach records which could contain instructions intended to influence the agent.
  - Ingestion points: Output from the `membrane action run` and `membrane action list` commands (e.g., contact info, company data).
  - Boundary markers: None are specified in the instructions to distinguish between trusted instructions and untrusted data.
  - Capability inventory: The agent can execute further actions (`membrane action run`), create new actions (`membrane action create`), and modify state within the connected RocketReach account.
  - Sanitization: There is no mention of sanitizing or validating the output from the external API before the agent processes it.
Audit Metadata