xebialabs
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the @membranehq/cli tool via npm. This package is an official resource from the skill's author used to facilitate communication with the integration platform.
- [COMMAND_EXECUTION]: Employs shell commands to authenticate, manage connections, and execute integration tasks. This includes membrane action create, which generates new automation logic on the vendor's platform based on user descriptions.
- [PROMPT_INJECTION]: The skill processes JSON output from XebiaLabs actions, creating an attack surface for indirect prompt injection. Mandatory Evidence:
  - Ingestion points: Output from membrane action run and membrane action list in SKILL.md.
  - Boundary markers: Absent. No delimiters or instructions are provided to the agent to treat external content as untrusted.
  - Capability inventory: The skill can execute local CLI commands (membrane, npm) and trigger remote actions.
  - Sanitization: Absent. No filtering or validation steps are performed on the data retrieved from XebiaLabs before processing.
Audit Metadata