soveren

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the vendor's official command-line interface, @membranehq/cli, from the npm registry.
  • [COMMAND_EXECUTION]: Executes shell commands via the membrane CLI to manage user authentication, service connections, and data workflows.
  • [PROMPT_INJECTION]: The skill ingests data from the external Soveren platform, creating an indirect prompt injection surface. Ingestion points: Output from membrane action run commands. Boundary markers: No delimiters or ignore instructions specified. Capability inventory: CLI command execution and network access. Sanitization: No explicit validation or escaping described in instructions.
  • [SAFE]: All network activity and external dependencies originate from the official domains and repositories of the skill author (membranedev).
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 10:53 PM
Security Audit — agent-trust-hub — soveren