teamsupport
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The instructions direct the user to install the
@membranehq/clipackage from the npm registry, which is the official tool provided by the vendor. - [COMMAND_EXECUTION]: The skill operates through the execution of
membraneCLI commands for authentication, service connection, and action management. - [DATA_EXFILTRATION]: The skill transmits data between the local environment, the TeamSupport API, and the Membrane platform (
getmembrane.com) as part of its documented functionality. - [PROMPT_INJECTION]: There is a potential for indirect prompt injection because the skill retrieves and processes user-generated content (e.g., tickets, KB articles) from TeamSupport. This content could be crafted to influence the agent's behavior.
- Ingestion points: Data returned from the execution of actions via
membrane action run(SKILL.md). - Boundary markers: No specific delimiters or warnings for the agent to ignore instructions within the retrieved data are present.
- Capability inventory: The agent can execute commands and run arbitrary actions, providing a surface for misuse if an injection is successful.
- Sanitization: The instructions do not specify any validation or sanitization steps for data retrieved from TeamSupport.
Audit Metadata