switchboard
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the
membranecommand-line interface to interact with the Switchboard API, including connection management and action execution. These operations are standard for the tool's intended use. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the npm registry. This is a vendor-provided tool used for the skill's primary function. - [PROMPT_INJECTION]: The skill features a surface for indirect prompt injection because it ingests data from external Switchboard actions (ingestion point:
membrane action runoutput). While the instructions do not specify boundary markers or sanitization for this data, the available capabilities are restricted to vendor-managed CLI functions. - [SAFE]: No malicious patterns, such as obfuscation, persistence, or unauthorized data exfiltration, were detected. The skill follows secure authentication patterns and utilizes a trusted vendor CLI.
Audit Metadata