totvs
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the
@membranehq/clipackage from the NPM registry, which is the official tool provided by the vendor for this integration. This is a standard installation of a vendor-owned resource. - [COMMAND_EXECUTION]: Executes shell commands via the
membraneCLI to manage user login, connection life cycles, and run data operations against the TOTVS API. - [DATA_EXFILTRATION]: Transmits data to external endpoints associated with TOTVS and Membrane for record management. The skill encourages best practices by directing users to use platform-managed authentication rather than storing secrets locally.
- [PROMPT_INJECTION]: The skill processes untrusted data from TOTVS records, which creates an attack surface for indirect prompt injection.
- Ingestion points: TOTVS record data retrieved via
membrane action run(SKILL.md). - Boundary markers: Absent; there are no specific instructions for the agent to use delimiters or ignore instructions within the retrieved data.
- Capability inventory: The agent has the ability to execute various shell commands through the
membraneCLI, including creating and running new actions. - Sanitization: No explicit sanitization, validation, or filtering of the external record content is described in the skill instructions.
Audit Metadata