singular
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally from the npm registry. This is the official command-line tool used to interact with the Membrane platform. - [COMMAND_EXECUTION]: The instructions rely on executing shell commands via the
membraneCLI to manage user authentication, establish connections to Singular, and run specific marketing actions. - [DATA_EXFILTRATION]: While the skill accesses external marketing data from Singular, it uses a centralized connection manager. It explicitly directs the agent to never ask for user API keys or tokens, relying instead on server-side OAuth flows.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes data retrieved from the Singular platform.
- Ingestion points: Output from
membrane action run(e.g., campaign names, reports, and metadata) inSKILL.md. - Boundary markers: None provided for the CLI output interpolation.
- Capability inventory: Shell command execution via the
membraneCLI inSKILL.md. - Sanitization: Not explicitly mentioned in the skill's instructions.
Audit Metadata