swaggerhub
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the @membranehq/cli package via NPM to enable interaction with the Membrane platform.
- [COMMAND_EXECUTION]: The skill relies on executing the membrane CLI tool to perform authentication, create connections, and run actions.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from SwaggerHub.
- Ingestion points: Data enters the agent context through action lists (membrane action list) and action results (membrane action run) which contain API descriptions and schemas from SwaggerHub.
- Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the documentation.
- Capability inventory: The skill utilizes shell command execution via the CLI and has the potential to modify or create actions.
- Sanitization: No evidence of validation or sanitization of external data is provided in the skill instructions.
Audit Metadata