soveren
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the vendor's official command-line interface,
@membranehq/cli, from the npm registry. - [COMMAND_EXECUTION]: Executes shell commands via the
membraneCLI to manage user authentication, service connections, and data workflows. - [PROMPT_INJECTION]: The skill ingests data from the external Soveren platform, creating an indirect prompt injection surface. Ingestion points: Output from
membrane action runcommands. Boundary markers: No delimiters or ignore instructions specified. Capability inventory: CLI command execution and network access. Sanitization: No explicit validation or escaping described in instructions. - [SAFE]: All network activity and external dependencies originate from the official domains and repositories of the skill author (membranedev).
Audit Metadata