snowplow-analytics
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clitool via NPM. This is a legitimate vendor package used to interface with the Membrane platform. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform operations such as logging in, connecting to services, and running actions. These commands are necessary for the skill's intended functionality. - [DATA_EXFILTRATION]: The skill implements secure credential handling by delegating authentication to the Membrane platform. It explicitly instructs the agent not to request API keys or tokens from the user, preventing potential credential exposure and local storage of secrets.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes natural language intents and descriptions to discover or create actions.
- Ingestion points: Command line arguments in
SKILL.md(e.g.,--intent "QUERY","DESCRIPTION"). - Boundary markers: None specified in the provided CLI examples.
- Capability inventory: The
membrane action runcommand allows for the execution of integrated functionality within the connected Snowplow Analytics service. - Sanitization: Input validation and sanitization are handled by the server-side Membrane platform during action resolution.
Audit Metadata