whatfix
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
@membranehq/cliutility from npm. This is an official tool from the skill's author (membranedev) used for interacting with the Membrane platform. - [COMMAND_EXECUTION]: All documented CLI commands (membrane login, connection connect, action run) are standard administrative actions for the platform and occur within the intended scope of the integration.
- [DATA_EXFILTRATION]: The skill follows security best practices by advising against manual API key entry and instead utilizing Membrane's managed connection system to handle authentication server-side.
- [PROMPT_INJECTION]: The skill processes data from Whatfix, which represents a surface for indirect prompt injection. Evaluation identifies:
- Ingestion points: External data is ingested from Whatfix via
membrane action runcommands. - Boundary markers: No explicit delimiters are present in the provided instructions.
- Capability inventory: The skill can search for, create, and execute actions within the Whatfix connector.
- Sanitization: No specific sanitization or filtering logic is defined for the external data in these instructions.
Audit Metadata