totalexpert
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the npm registry. This is the official command-line interface provided by the vendor (Membrane) to facilitate the integration. - [COMMAND_EXECUTION]: Employs the
membraneCLI to perform operations such as logging in, connecting to services, and executing API actions. It includes functionality to dynamically create actions based on natural language descriptions (membrane action create), which is a core feature of the Membrane platform. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection due to its requirement to ingest and process data from the Total Expert CRM while maintaining the capability to execute actions.
- Ingestion points: Data retrieved from Total Expert via search or get actions (SKILL.md).
- Boundary markers: None identified in the prompt instructions provided to the agent.
- Capability inventory: Ability to execute shell commands and API actions through the
membraneCLI (SKILL.md). - Sanitization: No explicit sanitization or validation logic is defined in the instructions for processing external content.
Audit Metadata